The following issues were found
src/third_party/wiredtiger/src/conn/conn_tiered.c
7 issues
Line: 402
CWE codes:
768
session, WT_WITH_SCHEMA_LOCK(session, ret = __flush_tier_once(session, flags)));
else
WT_WITH_CHECKPOINT_LOCK_NOWAIT(session, ret,
WT_WITH_SCHEMA_LOCK_NOWAIT(session, ret, ret = __flush_tier_once(session, flags)));
__wt_spin_unlock(session, &conn->flush_tier_lock);
locked = false;
if (ret == 0 && LF_ISSET(WT_FLUSH_TIER_ON))
WT_ERR(__flush_tier_wait(session, cfg));
Reported by Cppcheck.
Line: 134
Column: 11
CWE codes:
119
120
Suggestion:
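Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The declaration flagged here appears to be the fixed-size array `cfg[2]`; the finding is decided by whether every index used with `cfg` stays below 2, which this excerpt does not show.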
size_t len;
uint64_t now;
char *config, *newfile;
const char *cfg[2], *filename;
config = newfile = NULL;
if (uri == NULL)
return (0);
__wt_verbose(session, WT_VERB_TIERED, "Removing tree %s", uri);
Reported by FlawFinder.
Line: 190
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_DECL_RET;
uint64_t now;
char *newconfig, *obj_value;
const char *cfg[3] = {NULL, NULL, NULL};
bool release, tracking;
release = tracking = false;
WT_RET(__wt_scr_alloc(session, 512, &buf));
dhandle = &tiered->iface;
Reported by FlawFinder.
Line: 352
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_CONNECTION_IMPL *conn;
WT_DECL_RET;
uint32_t flags;
const char *cfg[3];
bool locked, wait;
conn = S2C(session);
WT_STAT_CONN_INCR(session, flush_tier);
if (FLD_ISSET(conn->server_flags, WT_CONN_SERVER_TIERED_MGR))
Reported by FlawFinder.
Line: 542
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_ITEM path, tmp;
WT_SESSION_IMPL *session;
WT_TIERED_MANAGER *mgr;
const char *cfg[2];
session = arg;
conn = S2C(session);
mgr = &conn->tiered_mgr;
Reported by FlawFinder.
Line: 142
Column: 11
CWE codes:
126
__wt_verbose(session, WT_VERB_TIERED, "Removing tree %s", uri);
filename = uri;
WT_PREFIX_SKIP_REQUIRED(session, filename, "tiered:");
len = strlen("file:") + strlen(filename) + 1;
WT_ERR(__wt_calloc_def(session, len, &newfile));
WT_ERR(__wt_snprintf(newfile, len, "file:%s", filename));
/*
* If the file:URI of the tiered object does not exist, there is nothing to do.
Reported by FlawFinder.
Line: 142
Column: 29
CWE codes:
126
__wt_verbose(session, WT_VERB_TIERED, "Removing tree %s", uri);
filename = uri;
WT_PREFIX_SKIP_REQUIRED(session, filename, "tiered:");
len = strlen("file:") + strlen(filename) + 1;
WT_ERR(__wt_calloc_def(session, len, &newfile));
WT_ERR(__wt_snprintf(newfile, len, "file:%s", filename));
/*
* If the file:URI of the tiered object does not exist, there is nothing to do.
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/wasm/WasmInstance.cpp
7 issues
Line: 674
Column: 13
CWE codes:
120
Suggestion:
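Make sure destination can always hold the source data. The flagged copy writes Simd128DataSize bytes into `exportArgs[i]`; the element size of `exportArgs` is not visible in this excerpt and is what decides the finding.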
SimdConstant simd;
if (!ToSimdConstant<Int8x16>(cx, v, &simd))
return false;
memcpy(&exportArgs[i], simd.asInt8x16(), Simd128DataSize);
break;
}
case ValType::I16x8: {
SimdConstant simd;
if (!ToSimdConstant<Int16x8>(cx, v, &simd))
Reported by FlawFinder.
Line: 681
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
SimdConstant simd;
if (!ToSimdConstant<Int16x8>(cx, v, &simd))
return false;
memcpy(&exportArgs[i], simd.asInt16x8(), Simd128DataSize);
break;
}
case ValType::I32x4: {
SimdConstant simd;
if (!ToSimdConstant<Int32x4>(cx, v, &simd))
Reported by FlawFinder.
Line: 688
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
SimdConstant simd;
if (!ToSimdConstant<Int32x4>(cx, v, &simd))
return false;
memcpy(&exportArgs[i], simd.asInt32x4(), Simd128DataSize);
break;
}
case ValType::F32x4: {
SimdConstant simd;
if (!ToSimdConstant<Float32x4>(cx, v, &simd))
Reported by FlawFinder.
Line: 695
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
SimdConstant simd;
if (!ToSimdConstant<Float32x4>(cx, v, &simd))
return false;
memcpy(&exportArgs[i], simd.asFloat32x4(), Simd128DataSize);
break;
}
case ValType::B8x16: {
SimdConstant simd;
if (!ToSimdConstant<Bool8x16>(cx, v, &simd))
Reported by FlawFinder.
Line: 703
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!ToSimdConstant<Bool8x16>(cx, v, &simd))
return false;
// Bool8x16 uses the same representation as Int8x16.
memcpy(&exportArgs[i], simd.asInt8x16(), Simd128DataSize);
break;
}
case ValType::B16x8: {
SimdConstant simd;
if (!ToSimdConstant<Bool16x8>(cx, v, &simd))
Reported by FlawFinder.
Line: 711
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!ToSimdConstant<Bool16x8>(cx, v, &simd))
return false;
// Bool16x8 uses the same representation as Int16x8.
memcpy(&exportArgs[i], simd.asInt16x8(), Simd128DataSize);
break;
}
case ValType::B32x4: {
SimdConstant simd;
if (!ToSimdConstant<Bool32x4>(cx, v, &simd))
Reported by FlawFinder.
Line: 719
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!ToSimdConstant<Bool32x4>(cx, v, &simd))
return false;
// Bool32x4 uses the same representation as Int32x4.
memcpy(&exportArgs[i], simd.asInt32x4(), Simd128DataSize);
break;
}
}
}
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_bug015.py
7 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
# test_bug015.py
# JIRA WT-2162: index drop in a certain order triggers NULL pointer deref
class test_bug015(wttest.WiredTigerTestCase):
def test_bug015(self):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
# test_bug015.py
# JIRA WT-2162: index drop in a certain order triggers NULL pointer deref
class test_bug015(wttest.WiredTigerTestCase):
def test_bug015(self):
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
# test_bug015.py
# JIRA WT-2162: index drop in a certain order triggers NULL pointer deref
class test_bug015(wttest.WiredTigerTestCase):
def test_bug015(self):
Reported by Pylint.
Line: 33
Column: 1
# test_bug015.py
# JIRA WT-2162: index drop in a certain order triggers NULL pointer deref
class test_bug015(wttest.WiredTigerTestCase):
def test_bug015(self):
table = 'table:test_bug015'
idx1 = 'index:test_bug015:aab'
idx2 = 'index:test_bug015:aaa'
self.session.create(table, "columns=(k,v)")
Reported by Pylint.
Line: 33
Column: 1
# test_bug015.py
# JIRA WT-2162: index drop in a certain order triggers NULL pointer deref
class test_bug015(wttest.WiredTigerTestCase):
def test_bug015(self):
table = 'table:test_bug015'
idx1 = 'index:test_bug015:aab'
idx2 = 'index:test_bug015:aaa'
self.session.create(table, "columns=(k,v)")
Reported by Pylint.
Line: 34
Column: 5
# test_bug015.py
# JIRA WT-2162: index drop in a certain order triggers NULL pointer deref
class test_bug015(wttest.WiredTigerTestCase):
def test_bug015(self):
table = 'table:test_bug015'
idx1 = 'index:test_bug015:aab'
idx2 = 'index:test_bug015:aaa'
self.session.create(table, "columns=(k,v)")
self.session.create(idx1, "columns=(v)")
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_bug006.py
7 issues
Line: 32
Column: 1
# test_bug006.py
# Regression tests.
import wiredtiger, wttest
from wtdataset import SimpleDataSet, simple_key, simple_value
from wtscenario import make_scenarios
# Check that verify and salvage both raise exceptions if there is an open
# cursor.
Reported by Pylint.
Line: 33
Column: 1
# Regression tests.
import wiredtiger, wttest
from wtdataset import SimpleDataSet, simple_key, simple_value
from wtscenario import make_scenarios
# Check that verify and salvage both raise exceptions if there is an open
# cursor.
class test_bug006(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 32
Column: 1
# test_bug006.py
# Regression tests.
import wiredtiger, wttest
from wtdataset import SimpleDataSet, simple_key, simple_value
from wtscenario import make_scenarios
# Check that verify and salvage both raise exceptions if there is an open
# cursor.
Reported by Pylint.
Line: 38
Column: 1
# Check that verify and salvage both raise exceptions if there is an open
# cursor.
class test_bug006(wttest.WiredTigerTestCase):
name = 'test_bug006'
scenarios = make_scenarios([
('file', dict(uri='file:')),
('table', dict(uri='table:')),
])
Reported by Pylint.
Line: 38
Column: 1
# Check that verify and salvage both raise exceptions if there is an open
# cursor.
class test_bug006(wttest.WiredTigerTestCase):
name = 'test_bug006'
scenarios = make_scenarios([
('file', dict(uri='file:')),
('table', dict(uri='table:')),
])
Reported by Pylint.
Line: 45
Column: 5
('table', dict(uri='table:')),
])
def test_bug006(self):
uri = self.uri + self.name
self.session.create(uri, 'value_format=S,key_format=S')
cursor = self.session.open_cursor(uri, None)
for i in range(1, 1000):
cursor[simple_key(cursor, i)] = simple_value(cursor, i)
Reported by Pylint.
src/third_party/mozjs-60/extract/js/src/vm/TypeInference.cpp
7 issues
Line: 237
Column: 5
CWE codes:
134
Suggestion:
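Use a constant for the format specification. In the lines shown `fmt` is the last named parameter of a variadic wrapper (`va_start(ap, fmt)`), so the constant-format requirement falls on the wrapper's callers; a printf-format attribute on the declaration lets the compiler check them.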
va_list ap;
va_start(ap, fmt);
fprintf(stderr, "[infer] ");
vfprintf(stderr, fmt, ap);
fprintf(stderr, "\n");
va_end(ap);
}
#endif
Reported by FlawFinder.
Line: 167
Column: 27
CWE codes:
807
20
Suggestion:
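Check environment variables carefully before using them. In the lines shown the value of INFERFLAGS is only searched with strstr for fixed flag names; it is not copied into a buffer or used as a path or command.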
if (!checked) {
checked = true;
PodArrayZero(active);
const char* env = getenv("INFERFLAGS");
if (!env)
return false;
if (strstr(env, "ops"))
active[ISpewOps] = true;
if (strstr(env, "result"))
Reported by FlawFinder.
Line: 189
Column: 27
CWE codes:
807
20
Suggestion:
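Check environment variables carefully before using them. In the lines shown the value of TERM is only compared with strcmp against two fixed strings; it is not copied into a buffer or used as a path or command.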
static bool checked = false;
if (!checked) {
checked = true;
const char* env = getenv("TERM");
if (!env)
return false;
if (strcmp(env, "xterm-color") == 0 || strcmp(env, "xterm-256color") == 0)
colorable = true;
}
Reported by FlawFinder.
Line: 80
Column: 12
CWE codes:
119
120
Suggestion:
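Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The declaration flagged here appears to be `static char bufs[4][100]`; the visible write passes the literal 100 as its limit and masks the row index with `& 3`, which matches the declaration only while those literals are kept in sync with it.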
return "(new)";
if (JSID_IS_SYMBOL(id))
return "(symbol)";
static char bufs[4][100];
static unsigned which = 0;
which = (which + 1) & 3;
PutEscapedString(bufs[which], 100, JSID_TO_FLAT_STRING(id), 0);
return bufs[which];
}
Reported by FlawFinder.
Line: 140
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (type.isPrimitive() || type.isUnknown() || type.isAnyObject())
return MakeStringCopy(NonObjectTypeString(type));
char buf[100];
if (type.isSingleton()) {
JSObject* singleton = type.singletonNoBarrier();
SprintfLiteral(buf, "<%s %#" PRIxPTR ">", singleton->getClass()->name, uintptr_t(singleton));
} else {
SprintfLiteral(buf, "[%s * %#" PRIxPTR "]", type.groupNoBarrier()->clasp()->name, uintptr_t(type.groupNoBarrier()));
Reported by FlawFinder.
Line: 247
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
MOZ_FORMAT_PRINTF(2, 3)
TypeFailure(JSContext* cx, const char* fmt, ...)
{
char msgbuf[1024]; /* Larger error messages will be truncated */
char errbuf[1024];
va_list ap;
va_start(ap, fmt);
VsprintfLiteral(errbuf, fmt, ap);
Reported by FlawFinder.
Line: 248
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
TypeFailure(JSContext* cx, const char* fmt, ...)
{
char msgbuf[1024]; /* Larger error messages will be truncated */
char errbuf[1024];
va_list ap;
va_start(ap, fmt);
VsprintfLiteral(errbuf, fmt, ap);
va_end(ap);
Reported by FlawFinder.
src/mongo/transport/session_asio.cpp
7 issues
Line: 404
Column: 13
CWE codes:
120
Suggestion:
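Make sure destination can always hold the source data. The destination is allocated with `msgLen` bytes and receives `kHeaderSize` bytes, so the copy is in bounds only if `msgLen >= kHeaderSize`; any validation of `msgLen` happens above this excerpt and should be confirmed there.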
}
auto buffer = SharedBuffer::allocate(msgLen);
memcpy(buffer.get(), headerBuffer.get(), kHeaderSize);
MsgData::View msgView(buffer.get());
return read(asio::buffer(msgView.data(), msgView.dataLen()), baton)
.then([this, buffer = std::move(buffer), msgLen]() mutable {
if (_isIngressSession) {
Reported by FlawFinder.
Line: 373
Column: 12
CWE codes:
120
20
auto headerBuffer = SharedBuffer::allocate(kHeaderSize);
auto ptr = headerBuffer.get();
return read(asio::buffer(ptr, kHeaderSize), baton)
.then([headerBuffer = std::move(headerBuffer), this, baton]() mutable {
if (checkForHTTPRequest(asio::buffer(headerBuffer.get(), kHeaderSize))) {
return sendHTTPResponse(baton);
}
Reported by FlawFinder.
Line: 407
Column: 20
CWE codes:
120
20
memcpy(buffer.get(), headerBuffer.get(), kHeaderSize);
MsgData::View msgView(buffer.get());
return read(asio::buffer(msgView.data(), msgView.dataLen()), baton)
.then([this, buffer = std::move(buffer), msgLen]() mutable {
if (_isIngressSession) {
networkCounter.hitPhysicalIn(msgLen);
}
return Message(std::move(buffer));
Reported by FlawFinder.
Line: 418
Column: 47
CWE codes:
120
20
}
template <typename MutableBufferSequence>
Future<void> TransportLayerASIO::ASIOSession::read(const MutableBufferSequence& buffers,
const BatonHandle& baton) {
// TODO SERVER-47229 Guard active ops for cancellation here.
#ifdef MONGO_CONFIG_SSL
if (_sslSocket) {
return opportunisticRead(*_sslSocket, buffers, baton);
Reported by FlawFinder.
Line: 434
Column: 28
CWE codes:
120
20
})
.then([this, buffers, baton](bool needsRead) mutable {
if (needsRead) {
return read(buffers, baton);
} else {
return Future<void>::makeReady();
}
});
}
Reported by FlawFinder.
Line: 484
Column: 26
CWE codes:
120
20
}
do {
size = asio::read(stream, localBuffer, ec);
} while (ec == asio::error::interrupted); // retry syscall EINTR
if (!ec && buffers.size() > 1) {
ec = asio::error::would_block;
}
Reported by FlawFinder.
Line: 492
Column: 26
CWE codes:
120
20
}
} else {
do {
size = asio::read(stream, buffers, ec);
} while (ec == asio::error::interrupted); // retry syscall EINTR
}
if (((ec == asio::error::would_block) || (ec == asio::error::try_again)) &&
(_blockingMode == Async)) {
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mozglue/misc/StackWalk.cpp
7 issues
Line: 188
Column: 5
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
if (initialized) {
return;
}
::InitializeCriticalSection(&gDbgHelpCS);
initialized = true;
}
static unsigned int WINAPI WalkStackThread(void* aData);
Reported by FlawFinder.
Line: 789
Column: 5
CWE codes:
120
modInfoRes = SymGetModuleInfoEspecial64(myProcess, addr, &modInfo, &lineInfo);
if (modInfoRes) {
strncpy(aDetails->library, modInfo.LoadedImageName,
sizeof(aDetails->library));
aDetails->library[mozilla::ArrayLength(aDetails->library) - 1] = '\0';
aDetails->loffset = (char*)aPC - (char*)modInfo.BaseOfImage;
if (lineInfo.FileName) {
Reported by FlawFinder.
Line: 795
Column: 7
CWE codes:
120
aDetails->loffset = (char*)aPC - (char*)modInfo.BaseOfImage;
if (lineInfo.FileName) {
strncpy(aDetails->filename, lineInfo.FileName,
sizeof(aDetails->filename));
aDetails->filename[mozilla::ArrayLength(aDetails->filename) - 1] = '\0';
aDetails->lineno = lineInfo.LineNumber;
}
}
Reported by FlawFinder.
Line: 812
Column: 5
CWE codes:
120
ok = SymFromAddr(myProcess, addr, &displacement, pSymbol);
if (ok) {
strncpy(aDetails->function, pSymbol->Name,
sizeof(aDetails->function));
aDetails->function[mozilla::ArrayLength(aDetails->function) - 1] = '\0';
aDetails->foffset = static_cast<ptrdiff_t>(displacement);
}
Reported by FlawFinder.
Line: 854
Column: 5
CWE codes:
120
char* demangled = abi::__cxa_demangle(aSymbol, 0, 0, 0);
if (demangled) {
strncpy(aBuffer, demangled, aBufLen);
aBuffer[aBufLen - 1] = '\0';
free(demangled);
}
#endif // MOZ_DEMANGLE_SYMBOLS
}
Reported by FlawFinder.
Line: 981
Column: 3
CWE codes:
120
return true;
}
strncpy(aDetails->library, info.dli_fname, sizeof(aDetails->library));
aDetails->library[mozilla::ArrayLength(aDetails->library) - 1] = '\0';
aDetails->loffset = (char*)aPC - (char*)info.dli_fbase;
const char* symbol = info.dli_sname;
if (!symbol || symbol[0] == '\0') {
Reported by FlawFinder.
Line: 994
Column: 5
CWE codes:
120
if (aDetails->function[0] == '\0') {
// Just use the mangled symbol if demangling failed.
strncpy(aDetails->function, symbol, sizeof(aDetails->function));
aDetails->function[mozilla::ArrayLength(aDetails->function) - 1] = '\0';
}
aDetails->foffset = (char*)aPC - (char*)info.dli_saddr;
return true;
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_bug007.py
7 issues
Line: 32
Column: 1
# test_bug007.py
# Regression tests.
import wiredtiger, wttest
# Check that forced salvage works correctly.
class test_bug007(wttest.WiredTigerTestCase):
def test_bug007(self):
# This is a btree layer test, test files only.
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 32
Column: 1
# test_bug007.py
# Regression tests.
import wiredtiger, wttest
# Check that forced salvage works correctly.
class test_bug007(wttest.WiredTigerTestCase):
def test_bug007(self):
# This is a btree layer test, test files only.
Reported by Pylint.
Line: 35
Column: 1
import wiredtiger, wttest
# Check that forced salvage works correctly.
class test_bug007(wttest.WiredTigerTestCase):
def test_bug007(self):
# This is a btree layer test, test files only.
uri = 'file:test_bug007'
# Create the object.
Reported by Pylint.
Line: 35
Column: 1
import wiredtiger, wttest
# Check that forced salvage works correctly.
class test_bug007(wttest.WiredTigerTestCase):
def test_bug007(self):
# This is a btree layer test, test files only.
uri = 'file:test_bug007'
# Create the object.
Reported by Pylint.
Line: 36
Column: 5
# Check that forced salvage works correctly.
class test_bug007(wttest.WiredTigerTestCase):
def test_bug007(self):
# This is a btree layer test, test files only.
uri = 'file:test_bug007'
# Create the object.
self.session.create(uri, 'value_format=S,key_format=S')
Reported by Pylint.
Line: 47
Column: 9
# Force is required if a file doesn't have a reasonable header.
# Overwrite the file with random data.
f = open('test_bug007', 'w')
f.write('random data' * 100)
f.close()
# Salvage should fail.
self.assertRaisesWithMessage(
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_util17.py
7 issues
Line: 31
Column: 1
import os
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util17.py
# Utilities: wt stat
class test_util17(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util17.a'
Reported by Pylint.
Line: 31
Column: 1
import os
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util17.py
# Utilities: wt stat
class test_util17(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util17.a'
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 31
Column: 1
import os
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util17.py
# Utilities: wt stat
class test_util17(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util17.a'
Reported by Pylint.
Line: 31
Column: 1
import os
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util17.py
# Utilities: wt stat
class test_util17(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util17.a'
Reported by Pylint.
Line: 35
Column: 1
# test_util17.py
# Utilities: wt stat
class test_util17(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util17.a'
def test_stat_process(self):
"""
Test stat in a 'wt' process
Reported by Pylint.
Line: 35
Column: 1
# test_util17.py
# Utilities: wt stat
class test_util17(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util17.a'
def test_stat_process(self):
"""
Test stat in a 'wt' process
Reported by Pylint.
src/third_party/wiredtiger/ext/encryptors/rotn/rotn_encrypt.c
6 issues
Line: 375
CWE codes:
401
rotn_encryptor->rot_N = keyid_val;
*customp = (WT_ENCRYPTOR *)rotn_encryptor;
return (0);
err:
free(rotn_encryptor->keyid);
free(rotn_encryptor->secretkey);
free(rotn_encryptor->shift_forw);
Reported by Cppcheck.
Line: 196
Column: 5
CWE codes:
120
Suggestion:
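Make sure destination can always hold the source data. The copy writes `src_len` bytes at offset `CHKSUM_LEN + IV_LEN`, so `dst` must hold at least `src_len + CHKSUM_LEN + IV_LEN` bytes; the excerpt does not show that check against the destination length.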
* checksum and initialize the IV here.
*/
i = CHKSUM_LEN + IV_LEN;
memcpy(&dst[i], &src[0], src_len);
/*
* Depending on whether we have a secret key or not, call the common rotate or shift function on
* the text portion of the destination buffer. Send in src_len as the length of the text.
*/
if (rotn_encryptor->shift_len == 0)
Reported by FlawFinder.
Line: 252
Column: 5
CWE codes:
120
Suggestion:
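Make sure destination can always hold the source data. The copy reads `mylen` bytes starting at offset `CHKSUM_LEN + IV_LEN` of `src`; how `mylen` is derived and compared with the source and destination lengths is not shown in this excerpt.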
* Copy the encrypted data to the destination buffer and then decrypt the destination buffer.
*/
i = CHKSUM_LEN + IV_LEN;
memcpy(&dst[0], &src[i], mylen);
/*
* Depending on whether we have a secret key or not, call the common rotate or shift function on
* the text portion of the destination buffer. Send in dst_len as the length of the text.
*/
/*
Reported by FlawFinder.
Line: 321
Column: 26
CWE codes:
190
Suggestion:
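If the source is untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into a negative number; consider saving to an unsigned value if that is intended). atoi reports no conversion error, so the `< 0` test shown does not catch non-numeric or out-of-range input; strtol with an end-pointer and errno check does.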
/*
* In this demonstration, we expect keyid to be a number.
*/
if ((keyid_val = atoi(keyid.str)) < 0) {
ret = rotn_error(rotn_encryptor, NULL, EINVAL, "rotn_customize: invalid keyid");
goto err;
}
if ((rotn_encryptor->keyid = malloc(keyid.len + 1)) == NULL) {
ret = errno;
Reported by FlawFinder.
Line: 329
Column: 9
CWE codes:
120
ret = errno;
goto err;
}
strncpy(rotn_encryptor->keyid, keyid.str, keyid.len + 1);
rotn_encryptor->keyid[keyid.len] = '\0';
}
/*
* In this demonstration, the secret key must be alphabetic characters. We stash the secret key
Reported by FlawFinder.
Line: 364
Column: 9
CWE codes:
120
rotn_encryptor->shift_back[i] = base - (u_char)secret.str[i];
}
rotn_encryptor->shift_len = len;
strncpy(rotn_encryptor->secretkey, secret.str, secret.len + 1);
rotn_encryptor->secretkey[secret.len] = '\0';
}
/*
* In a real encryptor, we could use some sophisticated key management here to map the keyid
Reported by FlawFinder.