The following issues were found
src/third_party/mozjs-60/extract/js/src/jit/shared/Assembler-shared.h
8 issues
Line: 1006
Column: 36
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
void append(wasm::CallFarJump jmp) {
enoughMemory_ &= callFarJumps_.append(jmp);
}
void append(wasm::MemoryAccess access) {
enoughMemory_ &= memoryAccesses_.append(access);
}
void append(const wasm::MemoryAccessDesc& access, size_t codeOffset, size_t framePushed) {
if (access.hasTrap()) {
// If a memory access is trapping (wasm, SIMD.js, Atomics), create a
Reported by FlawFinder.
Line: 1007
Column: 49
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
enoughMemory_ &= callFarJumps_.append(jmp);
}
void append(wasm::MemoryAccess access) {
enoughMemory_ &= memoryAccesses_.append(access);
}
void append(const wasm::MemoryAccessDesc& access, size_t codeOffset, size_t framePushed) {
if (access.hasTrap()) {
// If a memory access is trapping (wasm, SIMD.js, Atomics), create a
// OldTrapSite now which will generate a trap out-of-line path at the end
Reported by FlawFinder.
Line: 1009
Column: 47
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
void append(wasm::MemoryAccess access) {
enoughMemory_ &= memoryAccesses_.append(access);
}
void append(const wasm::MemoryAccessDesc& access, size_t codeOffset, size_t framePushed) {
if (access.hasTrap()) {
// If a memory access is trapping (wasm, SIMD.js, Atomics), create a
// OldTrapSite now which will generate a trap out-of-line path at the end
// of the function which will *then* append a MemoryAccess.
wasm::OldTrapDesc trap(access.trapOffset(), wasm::Trap::OutOfBounds, framePushed,
Reported by FlawFinder.
Line: 1010
Column: 13
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
enoughMemory_ &= memoryAccesses_.append(access);
}
void append(const wasm::MemoryAccessDesc& access, size_t codeOffset, size_t framePushed) {
if (access.hasTrap()) {
// If a memory access is trapping (wasm, SIMD.js, Atomics), create a
// OldTrapSite now which will generate a trap out-of-line path at the end
// of the function which will *then* append a MemoryAccess.
wasm::OldTrapDesc trap(access.trapOffset(), wasm::Trap::OutOfBounds, framePushed,
wasm::OldTrapSite::MemoryAccess);
Reported by FlawFinder.
Line: 1014
Column: 36
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
// If a memory access is trapping (wasm, SIMD.js, Atomics), create a
// OldTrapSite now which will generate a trap out-of-line path at the end
// of the function which will *then* append a MemoryAccess.
wasm::OldTrapDesc trap(access.trapOffset(), wasm::Trap::OutOfBounds, framePushed,
wasm::OldTrapSite::MemoryAccess);
append(wasm::OldTrapSite(trap, codeOffset));
} else {
// Otherwise, this is a plain asm.js access. On WASM_HUGE_MEMORY
// platforms, asm.js uses signal handlers to remove bounds checks
Reported by FlawFinder.
Line: 1021
Column: 24
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
// Otherwise, this is a plain asm.js access. On WASM_HUGE_MEMORY
// platforms, asm.js uses signal handlers to remove bounds checks
// and thus requires a MemoryAccess.
MOZ_ASSERT(access.isPlainAsmJS());
#ifdef WASM_HUGE_MEMORY
append(wasm::MemoryAccess(codeOffset));
#endif
}
}
Reported by FlawFinder.
Line: 1027
Column: 38
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
#endif
}
}
void append(wasm::SymbolicAccess access) {
enoughMemory_ &= symbolicAccesses_.append(access);
}
wasm::CallSiteVector& callSites() { return callSites_; }
wasm::CallSiteTargetVector& callSiteTargets() { return callSiteTargets_; }
Reported by FlawFinder.
Line: 1028
Column: 51
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
}
void append(wasm::SymbolicAccess access) {
enoughMemory_ &= symbolicAccesses_.append(access);
}
wasm::CallSiteVector& callSites() { return callSites_; }
wasm::CallSiteTargetVector& callSiteTargets() { return callSiteTargets_; }
wasm::TrapSiteVectorArray& trapSites() { return trapSites_; }
Reported by FlawFinder.
site_scons/site_tools/jsheader.py
8 issues
Line: 23
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
from SCons.Script import Action
def jsToH(env, target, source):
return env.Command(
target=target,
Reported by Pylint.
Line: 34
Column: 1
)
def generate(env, **kw):
env.AddMethod(jsToH, "JSHeader")
def exists(env):
return True
Reported by Pylint.
Line: 38
Column: 12
env.AddMethod(jsToH, "JSHeader")
def exists(env):
return True
Reported by Pylint.
Line: 1
Column: 1
# Copyright 2020 MongoDB Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
Reported by Pylint.
Line: 26
Column: 1
from SCons.Script import Action
def jsToH(env, target, source):
return env.Command(
target=target,
source=["#site_scons/site_tools/jstoh.py"] + source,
action=Action("$PYTHON ${SOURCES[0]} $TARGET ${SOURCES[1:]}"),
)
Reported by Pylint.
Line: 26
Column: 1
from SCons.Script import Action
def jsToH(env, target, source):
return env.Command(
target=target,
source=["#site_scons/site_tools/jstoh.py"] + source,
action=Action("$PYTHON ${SOURCES[0]} $TARGET ${SOURCES[1:]}"),
)
Reported by Pylint.
Line: 34
Column: 1
)
def generate(env, **kw):
env.AddMethod(jsToH, "JSHeader")
def exists(env):
return True
Reported by Pylint.
Line: 38
Column: 1
env.AddMethod(jsToH, "JSHeader")
def exists(env):
return True
Reported by Pylint.
src/mongo/util/shell_exec.cpp
8 issues
Line: 209
Column: 17
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
class ProcessStream {
public:
ProcessStream(const std::string& cmd) {
_fp = ::popen(cmd.c_str(), "r");
uassert(ErrorCodes::OperationFailed,
str::stream() << "Unable to launch command: " << errnoWithDescription(),
_fp);
_fd = fileno(_fp);
}
Reported by FlawFinder.
Line: 157
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return;
}
char buf[kExecBufferSizeBytes];
DWORD read = 0;
uassert(ErrorCodes::OperationFailed,
str::stream() << "Failed reading from subprocess: " << errnoWithDescription(),
ReadFile(_stdout, buf, std::min<size_t>(sizeof(buf), len), &read, nullptr));
Reported by FlawFinder.
Line: 246
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
void read(StringBuilder& sb, size_t len) {
char buf[kExecBufferSizeBytes];
len = fread(buf, 1, std::min<size_t>(sizeof(buf), len), _fp);
sb << StringData(buf, len);
}
~ProcessStream() {
Reported by FlawFinder.
Line: 151
Column: 10
CWE codes:
120
20
}
}
void read(StringBuilder& sb, size_t len) {
constexpr DWORD kPipeReadyTimeoutMS = 10;
if (!_stdout || (WAIT_OBJECT_0 != WaitForSingleObject(_stdout, kPipeReadyTimeoutMS))) {
return;
}
Reported by FlawFinder.
Line: 161
Column: 77
CWE codes:
120
20
DWORD read = 0;
uassert(ErrorCodes::OperationFailed,
str::stream() << "Failed reading from subprocess: " << errnoWithDescription(),
ReadFile(_stdout, buf, std::min<size_t>(sizeof(buf), len), &read, nullptr));
if (read == 0) {
CloseHandle(_stdout);
_stdout = nullptr;
} else {
Reported by FlawFinder.
Line: 245
Column: 10
CWE codes:
120
20
}
}
void read(StringBuilder& sb, size_t len) {
char buf[kExecBufferSizeBytes];
len = fread(buf, 1, std::min<size_t>(sizeof(buf), len), _fp);
sb << StringData(buf, len);
}
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/jit/mips32/CodeGenerator-mips32.cpp
8 issues
Line: 322
Column: 26
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
ptrScratch = ToRegister(lir->ptrCopy());
}
if (IsUnaligned(mir->access())) {
masm.wasmUnalignedLoadI64(mir->access(), HeapReg, ToRegister(lir->ptr()),
ptrScratch, ToOutRegister64(lir), ToRegister(lir->getTemp(1)));
} else {
masm.wasmLoadI64(mir->access(), HeapReg, ToRegister(lir->ptr()), ptrScratch,
ToOutRegister64(lir));
Reported by FlawFinder.
Line: 323
Column: 40
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
if (IsUnaligned(mir->access())) {
masm.wasmUnalignedLoadI64(mir->access(), HeapReg, ToRegister(lir->ptr()),
ptrScratch, ToOutRegister64(lir), ToRegister(lir->getTemp(1)));
} else {
masm.wasmLoadI64(mir->access(), HeapReg, ToRegister(lir->ptr()), ptrScratch,
ToOutRegister64(lir));
}
Reported by FlawFinder.
Line: 326
Column: 31
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
masm.wasmUnalignedLoadI64(mir->access(), HeapReg, ToRegister(lir->ptr()),
ptrScratch, ToOutRegister64(lir), ToRegister(lir->getTemp(1)));
} else {
masm.wasmLoadI64(mir->access(), HeapReg, ToRegister(lir->ptr()), ptrScratch,
ToOutRegister64(lir));
}
}
void
Reported by FlawFinder.
Line: 354
Column: 26
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
ptrScratch = ToRegister(lir->ptrCopy());
}
if (IsUnaligned(mir->access())) {
masm.wasmUnalignedStoreI64(mir->access(), ToRegister64(lir->value()), HeapReg,
ToRegister(lir->ptr()), ptrScratch, ToRegister(lir->getTemp(1)));
} else {
masm.wasmStoreI64(mir->access(), ToRegister64(lir->value()), HeapReg,
ToRegister(lir->ptr()), ptrScratch);
Reported by FlawFinder.
Line: 355
Column: 41
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
if (IsUnaligned(mir->access())) {
masm.wasmUnalignedStoreI64(mir->access(), ToRegister64(lir->value()), HeapReg,
ToRegister(lir->ptr()), ptrScratch, ToRegister(lir->getTemp(1)));
} else {
masm.wasmStoreI64(mir->access(), ToRegister64(lir->value()), HeapReg,
ToRegister(lir->ptr()), ptrScratch);
}
Reported by FlawFinder.
Line: 358
Column: 32
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
masm.wasmUnalignedStoreI64(mir->access(), ToRegister64(lir->value()), HeapReg,
ToRegister(lir->ptr()), ptrScratch, ToRegister(lir->getTemp(1)));
} else {
masm.wasmStoreI64(mir->access(), ToRegister64(lir->value()), HeapReg,
ToRegister(lir->ptr()), ptrScratch);
}
}
void
Reported by FlawFinder.
Line: 593
Column: 35
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
{
Register ptr = ToRegister(lir->ptr());
Register64 output = ToOutRegister64(lir);
uint32_t offset = lir->mir()->access().offset();
BaseIndex addr(HeapReg, ptr, TimesOne, offset);
masm.atomicLoad64(Synchronization::Full(), addr, Register64::Invalid(), output);
}
Reported by FlawFinder.
Line: 606
Column: 35
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
Register ptr = ToRegister(lir->ptr());
Register64 value = ToRegister64(lir->value());
Register tmp = ToRegister(lir->tmp());
uint32_t offset = lir->mir()->access().offset();
BaseIndex addr(HeapReg, ptr, TimesOne, offset);
masm.atomicStore64(addr, tmp, value);
}
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/jit/mips-shared/Assembler-mips-shared.h
8 issues
Line: 1578
Column: 43
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
};
inline bool
IsUnaligned(const wasm::MemoryAccessDesc& access)
{
if (!access.align())
return false;
#ifdef JS_CODEGEN_MIPS32
Reported by FlawFinder.
Line: 1580
Column: 10
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
inline bool
IsUnaligned(const wasm::MemoryAccessDesc& access)
{
if (!access.align())
return false;
#ifdef JS_CODEGEN_MIPS32
if (access.type() == Scalar::Int64 && access.align() >= 4)
return false;
Reported by FlawFinder.
Line: 1584
Column: 9
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return false;
#ifdef JS_CODEGEN_MIPS32
if (access.type() == Scalar::Int64 && access.align() >= 4)
return false;
#endif
return access.align() < access.byteSize();
}
Reported by FlawFinder.
Line: 1584
Column: 43
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return false;
#ifdef JS_CODEGEN_MIPS32
if (access.type() == Scalar::Int64 && access.align() >= 4)
return false;
#endif
return access.align() < access.byteSize();
}
Reported by FlawFinder.
Line: 1588
Column: 29
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return false;
#endif
return access.align() < access.byteSize();
}
} // namespace jit
} // namespace js
Reported by FlawFinder.
Line: 1588
Column: 12
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return false;
#endif
return access.align() < access.byteSize();
}
} // namespace jit
} // namespace js
Reported by FlawFinder.
Line: 750
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return;
for (Slice* cur = head; cur != nullptr; cur = cur->getNext()) {
memcpy(buffer, &cur->instructions, cur->length());
buffer += cur->length();
}
}
bool appendRawCode(const uint8_t* code, size_t numBytes) {
Reported by FlawFinder.
Line: 954
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
MOZ_COLD void spew(const char* fmt, va_list va) MOZ_FORMAT_PRINTF(2, 0) {
// Buffer to hold the formatted string. Note that this may contain
// '%' characters, so do not pass it directly to printf functions.
char buf[200];
int i = VsprintfLiteral(buf, fmt, va);
if (i > -1) {
if (printer)
printer->printf("%s\n", buf);
Reported by FlawFinder.
src/third_party/wiredtiger/test/format/import.c
8 issues
Line: 78
Column: 23
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
cmd_len = strlen(g.home) * 2 + strlen(HOME_IMPORT_INIT_CMD) + 1;
cmd = dmalloc(cmd_len);
testutil_check(__wt_snprintf(cmd, cmd_len, HOME_IMPORT_INIT_CMD, g.home, g.home));
testutil_checkfmt(system(cmd), "%s", "import directory creation failed");
free(cmd);
cmd_len = strlen(g.home) + strlen(IMPORT_DIR) + 10;
cmd = dmalloc(cmd_len);
testutil_check(__wt_snprintf(cmd, cmd_len, "%s/%s", g.home, IMPORT_DIR));
Reported by FlawFinder.
Line: 64
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
size_t cmd_len;
uint32_t import_value;
u_int period;
char buf[2048], *cmd;
const char *file_config, *table_config;
WT_UNUSED(arg);
conn = g.wts_conn;
file_config = table_config = NULL;
Reported by FlawFinder.
Line: 218
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
copy_file_into_directory(WT_SESSION *session, const char *name)
{
size_t buf_len;
char to[64];
buf_len = strlen(name) + 10;
testutil_check(__wt_snprintf(to, buf_len, "../%s", name));
testutil_check(__wt_copy_and_sync(session, name, to));
}
Reported by FlawFinder.
Line: 75
Column: 15
CWE codes:
126
/*
* Create a new database, primarily used for testing import.
*/
cmd_len = strlen(g.home) * 2 + strlen(HOME_IMPORT_INIT_CMD) + 1;
cmd = dmalloc(cmd_len);
testutil_check(__wt_snprintf(cmd, cmd_len, HOME_IMPORT_INIT_CMD, g.home, g.home));
testutil_checkfmt(system(cmd), "%s", "import directory creation failed");
free(cmd);
Reported by FlawFinder.
Line: 75
Column: 36
CWE codes:
126
/*
* Create a new database, primarily used for testing import.
*/
cmd_len = strlen(g.home) * 2 + strlen(HOME_IMPORT_INIT_CMD) + 1;
cmd = dmalloc(cmd_len);
testutil_check(__wt_snprintf(cmd, cmd_len, HOME_IMPORT_INIT_CMD, g.home, g.home));
testutil_checkfmt(system(cmd), "%s", "import directory creation failed");
free(cmd);
Reported by FlawFinder.
Line: 81
Column: 15
CWE codes:
126
testutil_checkfmt(system(cmd), "%s", "import directory creation failed");
free(cmd);
cmd_len = strlen(g.home) + strlen(IMPORT_DIR) + 10;
cmd = dmalloc(cmd_len);
testutil_check(__wt_snprintf(cmd, cmd_len, "%s/%s", g.home, IMPORT_DIR));
/* Open a connection to the database, creating it if necessary. */
create_database(cmd, &import_conn);
free(cmd);
Reported by FlawFinder.
Line: 81
Column: 32
CWE codes:
126
testutil_checkfmt(system(cmd), "%s", "import directory creation failed");
free(cmd);
cmd_len = strlen(g.home) + strlen(IMPORT_DIR) + 10;
cmd = dmalloc(cmd_len);
testutil_check(__wt_snprintf(cmd, cmd_len, "%s/%s", g.home, IMPORT_DIR));
/* Open a connection to the database, creating it if necessary. */
create_database(cmd, &import_conn);
free(cmd);
Reported by FlawFinder.
Line: 220
Column: 15
CWE codes:
126
size_t buf_len;
char to[64];
buf_len = strlen(name) + 10;
testutil_check(__wt_snprintf(to, buf_len, "../%s", name));
testutil_check(__wt_copy_and_sync(session, name, to));
}
Reported by FlawFinder.
src/mongo/shell/shell_utils_extended.cpp
8 issues
Line: 517
Column: 19
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
const auto envName = a.firstElement().String();
std::string result{};
#ifndef _WIN32
auto envPtr = getenv(envName.c_str());
if (envPtr) {
result = std::string(envPtr);
}
#else
auto envPtr = _wgetenv(toNativeString(envName.c_str()).c_str());
Reported by FlawFinder.
Line: 255
Column: 15
CWE codes:
362
BSONObj md5sumFile(const BSONObj& args, void* data) {
BSONElement e = singleArg(args);
stringstream ss;
FILE* f = fopen(e.valuestrsafe(), "rb");
uassert(CANT_OPEN_FILE, str::stream() << "couldn't open file " << e.valuestrsafe(), f);
ON_BLOCK_EXIT([&] { fclose(f); });
md5digest d;
md5_state_t st;
Reported by FlawFinder.
Line: 264
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
md5_init(&st);
enum { BUFLEN = 4 * 1024 };
char buffer[BUFLEN];
int bytes_read;
while ((bytes_read = fread(buffer, 1, BUFLEN, f))) {
md5_append(&st, (const md5_byte_t*)(buffer), bytes_read);
}
Reported by FlawFinder.
Line: 407
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
BSONObj getHostName(const BSONObj& a, void* data) {
uassert(13411, "getHostName accepts no arguments", a.nFields() == 0);
char buf[260]; // HOST_NAME_MAX is usually 255
verify(gethostname(buf, 260) == 0);
buf[259] = '\0';
return BSON("" << buf);
}
Reported by FlawFinder.
Line: 467
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// if there is more data in the file or stream than we can handle.
std::string contents;
while (stream) {
char buffer[4096];
stream.read(buffer, sizeof(buffer));
contents.append(buffer, stream.gcount());
// Check that the size of the data can fit into the BSON shape
// { "" : [ ... ] }, which has 12 bytes of overhead.
Reported by FlawFinder.
Line: 226
Column: 13
CWE codes:
120
20
bool earlyEOF = false;
std::vector<char> buffer(length);
if (!in.read(buffer.data(), length)) {
invariant(in.rdstate() & std::ifstream::eofbit);
earlyEOF = true;
}
int64_t bytesRead = in.gcount();
Reported by FlawFinder.
Line: 426
Column: 40
CWE codes:
732
"umask takes 1 argument, the octal mode of the umask",
a.nFields() == 1 && isNumericBSONType(a.firstElementType()));
auto val = a.firstElement().safeNumberInt();
return BSON("" << static_cast<int>(umask(static_cast<mode_t>(val))));
#endif
}
BSONObj getFileMode(const BSONObj& a, void* data) {
uassert(50975,
Reported by FlawFinder.
Line: 468
Column: 16
CWE codes:
120
20
std::string contents;
while (stream) {
char buffer[4096];
stream.read(buffer, sizeof(buffer));
contents.append(buffer, stream.gcount());
// Check that the size of the data can fit into the BSON shape
// { "" : [ ... ] }, which has 12 bytes of overhead.
uassert(31406,
Reported by FlawFinder.
src/mongo/rpc/message.h
8 issues
Line: 275
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#pragma pack(1)
struct Layout {
MSGHEADER::Layout header;
char data[4];
};
#pragma pack()
class ConstView {
public:
Reported by FlawFinder.
Line: 453
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
_buf = SharedBuffer::allocate(dataLen);
MsgData::View d = _buf.get();
if (len)
memcpy(d.data(), msgdata, len);
d.setLen(dataLen);
d.setOperation(operation);
}
char* buf() {
Reported by FlawFinder.
Line: 202
Column: 23
CWE codes:
120
20
}
int32_t getMessageLength() const {
return data().read<LittleEndian<int32_t>>(offsetof(Layout, messageLength));
}
int32_t getRequestMsgId() const {
return data().read<LittleEndian<int32_t>>(offsetof(Layout, requestID));
}
Reported by FlawFinder.
Line: 206
Column: 23
CWE codes:
120
20
}
int32_t getRequestMsgId() const {
return data().read<LittleEndian<int32_t>>(offsetof(Layout, requestID));
}
int32_t getResponseToMsgId() const {
return data().read<LittleEndian<int32_t>>(offsetof(Layout, responseTo));
}
Reported by FlawFinder.
Line: 210
Column: 23
CWE codes:
120
20
}
int32_t getResponseToMsgId() const {
return data().read<LittleEndian<int32_t>>(offsetof(Layout, responseTo));
}
int32_t getOpCode() const {
return data().read<LittleEndian<int32_t>>(offsetof(Layout, opCode));
}
Reported by FlawFinder.
Line: 214
Column: 23
CWE codes:
120
20
}
int32_t getOpCode() const {
return data().read<LittleEndian<int32_t>>(offsetof(Layout, opCode));
}
protected:
const view_type& data() const {
return _data;
Reported by FlawFinder.
Line: 318
Column: 56
CWE codes:
120
20
int64_t getCursor() const {
verify(getResponseToMsgId() > 0);
verify(getNetworkOp() == opReply);
return ConstDataView(data() + sizeof(int32_t)).read<LittleEndian<int64_t>>();
}
int dataLen() const; // len without header
protected:
Reported by FlawFinder.
Line: 445
Column: 36
CWE codes:
126
_buf = std::move(buf);
}
void setData(int operation, const char* msgtxt) {
setData(operation, msgtxt, strlen(msgtxt) + 1);
}
void setData(int operation, const char* msgdata, size_t len) {
verify(empty());
size_t dataLen = len + sizeof(MsgData::Value) - 4;
_buf = SharedBuffer::allocate(dataLen);
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_util08.py
8 issues
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util08.py
# Utilities: wt copyright
class test_util08(wttest.WiredTigerTestCase, suite_subprocess):
def test_copyright(self):
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util08.py
# Utilities: wt copyright
class test_util08(wttest.WiredTigerTestCase, suite_subprocess):
def test_copyright(self):
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util08.py
# Utilities: wt copyright
class test_util08(wttest.WiredTigerTestCase, suite_subprocess):
def test_copyright(self):
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util08.py
# Utilities: wt copyright
class test_util08(wttest.WiredTigerTestCase, suite_subprocess):
def test_copyright(self):
Reported by Pylint.
Line: 34
Column: 1
# test_util08.py
# Utilities: wt copyright
class test_util08(wttest.WiredTigerTestCase, suite_subprocess):
def test_copyright(self):
"""
Test copyright in a 'wt' process
"""
outfile = "copyrightout.txt"
Reported by Pylint.
Line: 34
Column: 1
# test_util08.py
# Utilities: wt copyright
class test_util08(wttest.WiredTigerTestCase, suite_subprocess):
def test_copyright(self):
"""
Test copyright in a 'wt' process
"""
outfile = "copyrightout.txt"
Reported by Pylint.
Line: 41
Column: 36
"""
outfile = "copyrightout.txt"
self.runWt(["copyright"], outfilename=outfile)
with open(outfile, 'r') as f:
text = f.read(1000)
self.assertTrue('Copyright' in text)
if __name__ == '__main__':
wttest.run()
Reported by Pylint.
src/third_party/wiredtiger/test/3rdparty/testtools-0.9.34/testtools/tests/test_helpers.py
7 issues
Line: 1
Column: 1
# Copyright (c) 2010-2012 testtools developers. See LICENSE for details.
from testtools import TestCase
from testtools.tests.helpers import (
FullStackRunTest,
hide_testtools_stack,
is_stack_hidden,
)
Reported by Pylint.
Line: 11
Column: 1
)
class TestStackHiding(TestCase):
run_tests_with = FullStackRunTest
def setUp(self):
super(TestStackHiding, self).setUp()
Reported by Pylint.
Line: 16
Column: 9
run_tests_with = FullStackRunTest
def setUp(self):
super(TestStackHiding, self).setUp()
self.addCleanup(hide_testtools_stack, is_stack_hidden())
def test_is_stack_hidden_consistent_true(self):
hide_testtools_stack(True)
self.assertEqual(True, is_stack_hidden())
Reported by Pylint.
Line: 19
Column: 5
super(TestStackHiding, self).setUp()
self.addCleanup(hide_testtools_stack, is_stack_hidden())
def test_is_stack_hidden_consistent_true(self):
hide_testtools_stack(True)
self.assertEqual(True, is_stack_hidden())
def test_is_stack_hidden_consistent_false(self):
hide_testtools_stack(False)
Reported by Pylint.
Line: 23
Column: 5
hide_testtools_stack(True)
self.assertEqual(True, is_stack_hidden())
def test_is_stack_hidden_consistent_false(self):
hide_testtools_stack(False)
self.assertEqual(False, is_stack_hidden())
def test_suite():
Reported by Pylint.
Line: 28
Column: 1
self.assertEqual(False, is_stack_hidden())
def test_suite():
from unittest import TestLoader
return TestLoader().loadTestsFromName(__name__)
Reported by Pylint.
Line: 29
Column: 5
def test_suite():
from unittest import TestLoader
return TestLoader().loadTestsFromName(__name__)
Reported by Pylint.