The following issues were found
src/third_party/tomcrypt-1.18.2/src/headers/tomcrypt_prng.h
6 issues
Line: 14
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef LTC_YARROW
/* Yarrow PRNG state (built only under LTC_YARROW).
 * FlawFinder flags the fixed-size `pool` member (CWE-119/120). The
 * declaration itself is not a defect: the thing to verify is that every
 * write into `pool` is bounded by MAXBLOCKSIZE. Those writers live in the
 * implementation files, not in this header. */
struct yarrow_prng {
int cipher, hash; /* selected cipher and hash — presumably descriptor-table indexes; confirm in the implementation */
unsigned char pool[MAXBLOCKSIZE]; /* entropy pool, fixed at MAXBLOCKSIZE bytes */
symmetric_CTR ctr; /* CTR-mode cipher state (symmetric_CTR) */
};
#endif
#ifdef LTC_RC4
Reported by FlawFinder.
Line: 28
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef LTC_CHACHA20_PRNG
/* ChaCha20-based PRNG state (built only under LTC_CHACHA20_PRNG).
 * FlawFinder flags the fixed 40-byte `ent` buffer (CWE-119/120). The
 * declaration is fine on its own; any code that stores into `ent` must
 * check `idx` against sizeof(ent) first, and that check is in the
 * implementation rather than in this header. */
struct chacha20_prng {
chacha_state s; /* underlying chacha cipher state */
unsigned char ent[40]; /* entropy buffer, fixed at 40 bytes */
unsigned long idx; /* entropy counter — presumably the next write offset into ent; confirm */
};
#endif
#ifdef LTC_FORTUNA
Reported by FlawFinder.
Line: 39
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
symmetric_key skey;
unsigned char K[32], /* the current key */
IV[16]; /* IV for CTR mode */
unsigned long pool_idx, /* current pool we will add to */
pool0_len, /* length of 0'th pool */
wd;
Reported by FlawFinder.
Line: 53
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef LTC_SOBER128
/* SOBER-128-based PRNG state (built only under LTC_SOBER128).
 * Same shape as chacha20_prng: FlawFinder flags the fixed 40-byte `ent`
 * buffer (CWE-119/120). The declaration is not a defect; writers into
 * `ent` must bound the store by sizeof(ent) using `idx`, and that logic
 * lives in the implementation, not here. */
struct sober128_prng {
sober128_state s; /* underlying sober128 cipher state */
unsigned char ent[40]; /* entropy buffer, fixed at 40 bytes */
unsigned long idx; /* entropy counter — presumably the next write offset into ent; confirm */
};
#endif
typedef struct {
Reported by FlawFinder.
Line: 60
Column: 7
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct {
union {
char dummy[1];
#ifdef LTC_YARROW
struct yarrow_prng yarrow;
#endif
#ifdef LTC_RC4
struct rc4_prng rc4;
Reported by FlawFinder.
Line: 110
Column: 21
CWE codes:
120
20
@param prng The PRNG state to read from
@return Number of octets read
*/
unsigned long (*read)(unsigned char *out, unsigned long outlen, prng_state *prng);
/** Terminate a PRNG state
@param prng The PRNG state to terminate
@return CRYPT_OK if successful
*/
int (*done)(prng_state *prng);
Reported by FlawFinder.
src/third_party/wiredtiger/test/fops/t.c
6 issues
Line: 40
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static FILE *logfp; /* Log file; zero-initialized (NULL) until the 'l' option fopen()s one */
static char home[512]; /* Working-directory path; fixed 512 bytes (FlawFinder CWE-119/120) — every writer must bound the copy by sizeof(home); the writers are not visible in this excerpt */
static int handle_error(WT_EVENT_HANDLER *, WT_SESSION *, int, const char *); /* WiredTiger error-event callback */
static int handle_message(WT_EVENT_HANDLER *, WT_SESSION *, const char *); /* WiredTiger message-event callback */
static void onint(int) WT_GCC_FUNC_DECL_ATTRIBUTE((noreturn)); /* presumably the SIGINT handler; declared noreturn */
static void shutdown(void); /* file-local cleanup; `static` keeps it from clashing with the libc shutdown(2) symbol */
Reported by FlawFinder.
Line: 88
Column: 26
CWE codes:
362
working_dir = __wt_optarg;
break;
case 'l': /* log */
if ((logfp = fopen(__wt_optarg, "w")) == NULL) {
fprintf(stderr, "%s: %s\n", __wt_optarg, strerror(errno));
return (EXIT_FAILURE);
}
break;
case 'n': /* operations */
Reported by FlawFinder.
Line: 94
Column: 27
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
}
break;
case 'n': /* operations */
nops = (u_int)atoi(__wt_optarg);
break;
case 'r': /* runs */
runs = atoi(__wt_optarg);
break;
case 't':
Reported by FlawFinder.
Line: 97
Column: 20
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
nops = (u_int)atoi(__wt_optarg);
break;
case 'r': /* runs */
runs = atoi(__wt_optarg);
break;
case 't':
nthreads = (u_int)atoi(__wt_optarg);
break;
case 'x':
Reported by FlawFinder.
Line: 100
Column: 31
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
runs = atoi(__wt_optarg);
break;
case 't':
nthreads = (u_int)atoi(__wt_optarg);
break;
case 'x':
use_txn = true;
break;
default:
Reported by FlawFinder.
Line: 149
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static WT_EVENT_HANDLER event_handler = {
handle_error, handle_message, NULL, NULL /* Close handler. */
};
char config_buf[128];
testutil_make_work_dir(home);
testutil_check(__wt_snprintf(config_buf, sizeof(config_buf),
"create,error_prefix=\"%s\",cache_size=5MB%s%s,operation_tracking=(enabled=false)", progname,
Reported by FlawFinder.
src/third_party/boost/boost/regex/v5/regex_format.hpp
6 issues
Line: 389
Column: 30
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
std::ptrdiff_t max_len = m_end - m_position;
if((max_len >= 5) && std::equal(m_position, m_position + 5, MATCH))
{
m_position += 5;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 405
Column: 30
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put(this->m_results[0]);
return true;
}
if((max_len >= 8) && std::equal(m_position, m_position + 8, PREMATCH))
{
m_position += 8;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 421
Column: 30
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put(this->m_results.prefix());
return true;
}
if((max_len >= 9) && std::equal(m_position, m_position + 9, POSTMATCH))
{
m_position += 9;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 437
Column: 31
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put(this->m_results.suffix());
return true;
}
if((max_len >= 16) && std::equal(m_position, m_position + 16, LAST_PAREN_MATCH))
{
m_position += 16;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 453
Column: 31
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put((this->m_results)[this->m_results.size() > 1 ? static_cast<int>(this->m_results.size() - 1) : 1]);
return true;
}
if((max_len >= 20) && std::equal(m_position, m_position + 20, LAST_SUBMATCH_RESULT))
{
m_position += 20;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 469
Column: 30
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put(this->m_results.get_last_closed_paren());
return true;
}
if((max_len >= 2) && std::equal(m_position, m_position + 2, LAST_SUBMATCH_RESULT_ALT))
{
m_position += 2;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
src/third_party/wiredtiger/test/csuite/wt3338_partial_update/main.c
6 issues
Line: 48
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* of the buffer.
*/
#define MAX_REPL_BYTES 17 /* presumably the per-entry replacement length bound described in the comment above; confirm */
static char modify_repl[MAX_REPL_BYTES * 2]; /* Replacement bytes; fixed 34-byte buffer (FlawFinder CWE-119/120) — any index into it must stay below MAX_REPL_BYTES * 2 */
static WT_RAND_STATE rnd; /* RNG state for the test's random choices */
/*
* show --
Reported by FlawFinder.
Line: 108
Column: 42
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for (i = 0; i < nentries; ++i)
printf("%d: {%.*s} %" WT_SIZET_FMT " bytes replacing %" WT_SIZET_FMT
" bytes @ %" WT_SIZET_FMT "\n",
i, (int)entries[i].data.size, (char *)entries[i].data.data, entries[i].data.size,
entries[i].size, entries[i].offset);
#endif
}
/*
Reported by FlawFinder.
Line: 158
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < nentries; ++i) {
/* Take leading bytes from the original, plus any gap bytes. */
if (entries[i].offset >= ta->size) {
memcpy(tb->mem, ta->mem, ta->size);
if (entries[i].offset > ta->size)
memset((uint8_t *)tb->mem + ta->size, '\0', entries[i].offset - ta->size);
} else if (entries[i].offset > 0)
memcpy(tb->mem, ta->mem, entries[i].offset);
tb->size = entries[i].offset;
Reported by FlawFinder.
Line: 162
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (entries[i].offset > ta->size)
memset((uint8_t *)tb->mem + ta->size, '\0', entries[i].offset - ta->size);
} else if (entries[i].offset > 0)
memcpy(tb->mem, ta->mem, entries[i].offset);
tb->size = entries[i].offset;
/* Take replacement bytes. */
if (entries[i].data.size > 0) {
memcpy((uint8_t *)tb->mem + tb->size, entries[i].data.data, entries[i].data.size);
Reported by FlawFinder.
Line: 167
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Take replacement bytes. */
if (entries[i].data.size > 0) {
memcpy((uint8_t *)tb->mem + tb->size, entries[i].data.data, entries[i].data.size);
tb->size += entries[i].data.size;
}
/* Take trailing bytes from the original. */
len = entries[i].offset + entries[i].size;
Reported by FlawFinder.
Line: 174
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Take trailing bytes from the original. */
len = entries[i].offset + entries[i].size;
if (ta->size > len) {
memcpy((uint8_t *)tb->mem + tb->size, (uint8_t *)ta->mem + len, ta->size - len);
tb->size += ta->size - len;
}
testutil_assert(tb->size <= size);
/* Swap the buffers and do it again. */
Reported by FlawFinder.
src/third_party/boost/boost/regex/v4/u32regex_token_iterator.hpp
6 issues
Line: 262
Column: 58
CWE codes:
126
// construction from an integral sub_match state_id:
/// Construct a token iterator over the whole NUL-terminated narrow string `p`.
/// Precondition: `p` is non-null and NUL-terminated. The end of the range is
/// located with std::strlen (the CWE-126 read FlawFinder reports here), so an
/// unterminated buffer reads past its end. `submatch` is the integral
/// sub_match id to enumerate and `m` supplies the match flags.
inline u32regex_token_iterator<const char*> make_u32regex_token_iterator(const char* p, const u32regex& e, int submatch = 0, regex_constants::match_flag_type m = regex_constants::match_default)
{
   typedef u32regex_token_iterator<const char*> iterator_type;
   const char* const last = p + std::strlen(p);
   return iterator_type(p, last, e, submatch, m);
}
#ifndef BOOST_NO_WREGEX
inline u32regex_token_iterator<const wchar_t*> make_u32regex_token_iterator(const wchar_t* p, const u32regex& e, int submatch = 0, regex_constants::match_flag_type m = regex_constants::match_default)
{
return u32regex_token_iterator<const wchar_t*>(p, p+std::wcslen(p), e, submatch, m);
Reported by FlawFinder.
Line: 267
Column: 61
CWE codes:
126
#ifndef BOOST_NO_WREGEX
/// Construct a token iterator over the whole NUL-terminated wide string `p`.
/// Precondition: `p` is non-null and NUL-terminated. The range end comes
/// from std::wcslen (the CWE-126 read FlawFinder reports here), so an
/// unterminated buffer reads past its end. `submatch` is the integral
/// sub_match id to enumerate and `m` supplies the match flags.
inline u32regex_token_iterator<const wchar_t*> make_u32regex_token_iterator(const wchar_t* p, const u32regex& e, int submatch = 0, regex_constants::match_flag_type m = regex_constants::match_default)
{
   typedef u32regex_token_iterator<const wchar_t*> iterator_type;
   const wchar_t* const last = p + std::wcslen(p);
   return iterator_type(p, last, e, submatch, m);
}
#endif
#if !defined(BOOST_REGEX_UCHAR_IS_WCHAR_T)
inline u32regex_token_iterator<const UChar*> make_u32regex_token_iterator(const UChar* p, const u32regex& e, int submatch = 0, regex_constants::match_flag_type m = regex_constants::match_default)
{
Reported by FlawFinder.
Line: 291
Column: 58
CWE codes:
126
/// Construct a token iterator over the whole NUL-terminated narrow string `p`,
/// enumerating the sub_match ids listed in the array `submatch`.
/// Precondition: `p` is non-null and NUL-terminated — the range end is found
/// with std::strlen (the CWE-126 read FlawFinder reports here). `m` supplies
/// the match flags.
template <std::size_t N>
inline u32regex_token_iterator<const char*> make_u32regex_token_iterator(const char* p, const u32regex& e, const int (&submatch)[N], regex_constants::match_flag_type m = regex_constants::match_default)
{
   typedef u32regex_token_iterator<const char*> iterator_type;
   const char* const last = p + std::strlen(p);
   return iterator_type(p, last, e, submatch, m);
}
#ifndef BOOST_NO_WREGEX
template <std::size_t N>
inline u32regex_token_iterator<const wchar_t*> make_u32regex_token_iterator(const wchar_t* p, const u32regex& e, const int (&submatch)[N], regex_constants::match_flag_type m = regex_constants::match_default)
{
Reported by FlawFinder.
Line: 297
Column: 61
CWE codes:
126
/// Construct a token iterator over the whole NUL-terminated wide string `p`,
/// enumerating the sub_match ids listed in the array `submatch`.
/// Precondition: `p` is non-null and NUL-terminated — the range end is found
/// with std::wcslen (the CWE-126 read FlawFinder reports here). `m` supplies
/// the match flags.
template <std::size_t N>
inline u32regex_token_iterator<const wchar_t*> make_u32regex_token_iterator(const wchar_t* p, const u32regex& e, const int (&submatch)[N], regex_constants::match_flag_type m = regex_constants::match_default)
{
   typedef u32regex_token_iterator<const wchar_t*> iterator_type;
   const wchar_t* const last = p + std::wcslen(p);
   return iterator_type(p, last, e, submatch, m);
}
#endif
#if !defined(BOOST_REGEX_UCHAR_IS_WCHAR_T)
template <std::size_t N>
inline u32regex_token_iterator<const UChar*> make_u32regex_token_iterator(const UChar* p, const u32regex& e, const int (&submatch)[N], regex_constants::match_flag_type m = regex_constants::match_default)
Reported by FlawFinder.
Line: 322
Column: 58
CWE codes:
126
// construction from a vector of sub_match state_id's:
/// Construct a token iterator over the whole NUL-terminated narrow string `p`,
/// enumerating the sub_match ids held in the vector `submatch`.
/// Precondition: `p` is non-null and NUL-terminated — the range end is found
/// with std::strlen (the CWE-126 read FlawFinder reports here). `m` supplies
/// the match flags.
inline u32regex_token_iterator<const char*> make_u32regex_token_iterator(const char* p, const u32regex& e, const std::vector<int>& submatch, regex_constants::match_flag_type m = regex_constants::match_default)
{
   typedef u32regex_token_iterator<const char*> iterator_type;
   const char* const last = p + std::strlen(p);
   return iterator_type(p, last, e, submatch, m);
}
#ifndef BOOST_NO_WREGEX
inline u32regex_token_iterator<const wchar_t*> make_u32regex_token_iterator(const wchar_t* p, const u32regex& e, const std::vector<int>& submatch, regex_constants::match_flag_type m = regex_constants::match_default)
{
return u32regex_token_iterator<const wchar_t*>(p, p+std::wcslen(p), e, submatch, m);
Reported by FlawFinder.
Line: 327
Column: 61
CWE codes:
126
#ifndef BOOST_NO_WREGEX
/// Construct a token iterator over the whole NUL-terminated wide string `p`,
/// enumerating the sub_match ids held in the vector `submatch`.
/// Precondition: `p` is non-null and NUL-terminated — the range end is found
/// with std::wcslen (the CWE-126 read FlawFinder reports here). `m` supplies
/// the match flags.
inline u32regex_token_iterator<const wchar_t*> make_u32regex_token_iterator(const wchar_t* p, const u32regex& e, const std::vector<int>& submatch, regex_constants::match_flag_type m = regex_constants::match_default)
{
   typedef u32regex_token_iterator<const wchar_t*> iterator_type;
   const wchar_t* const last = p + std::wcslen(p);
   return iterator_type(p, last, e, submatch, m);
}
#endif
#if !defined(U_WCHAR_IS_UTF16) && (U_SIZEOF_WCHAR_T != 2)
inline u32regex_token_iterator<const UChar*> make_u32regex_token_iterator(const UChar* p, const u32regex& e, const std::vector<int>& submatch, regex_constants::match_flag_type m = regex_constants::match_default)
{
Reported by FlawFinder.
src/third_party/boost/boost/regex/v4/regex_format.hpp
6 issues
Line: 412
Column: 30
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
std::ptrdiff_t max_len = m_end - m_position;
if((max_len >= 5) && std::equal(m_position, m_position + 5, MATCH))
{
m_position += 5;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 428
Column: 30
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put(this->m_results[0]);
return true;
}
if((max_len >= 8) && std::equal(m_position, m_position + 8, PREMATCH))
{
m_position += 8;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 444
Column: 30
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put(this->m_results.prefix());
return true;
}
if((max_len >= 9) && std::equal(m_position, m_position + 9, POSTMATCH))
{
m_position += 9;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 460
Column: 31
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put(this->m_results.suffix());
return true;
}
if((max_len >= 16) && std::equal(m_position, m_position + 16, LAST_PAREN_MATCH))
{
m_position += 16;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 476
Column: 31
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put((this->m_results)[this->m_results.size() > 1 ? static_cast<int>(this->m_results.size() - 1) : 1]);
return true;
}
if((max_len >= 20) && std::equal(m_position, m_position + 20, LAST_SUBMATCH_RESULT))
{
m_position += 20;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
Line: 492
Column: 30
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
put(this->m_results.get_last_closed_paren());
return true;
}
if((max_len >= 2) && std::equal(m_position, m_position + 2, LAST_SUBMATCH_RESULT_ALT))
{
m_position += 2;
if(have_brace)
{
if((m_position != m_end) && (*m_position == '}'))
Reported by FlawFinder.
buildscripts/clang_format.py
6 issues
Line: 107
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b310-urllib-urlopen
num_tries = 5
for attempt in range(num_tries):
try:
resp = urllib.request.urlopen(url)
with open(temp_tar_file, 'wb') as fh:
fh.write(resp.read())
break
except urllib.error.URLError:
if attempt == num_tries - 1:
Reported by Bandit.
Line: 18
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import re
import shutil
import string
import subprocess
import sys
import tarfile
import tempfile
import threading
import urllib.error
Reported by Bandit.
Line: 69
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
##############################################################################
def callo(args, **kwargs):
    """Call a program, and capture its output.

    ``args`` is handed to ``subprocess.check_output`` unchanged, so it is an
    argv list and no shell is involved unless a caller passes ``shell=True``
    (the Bandit B603 hit is this call). ``kwargs`` are forwarded as-is.
    Returns the program's stdout decoded as UTF-8; raises
    ``subprocess.CalledProcessError`` on a non-zero exit status.
    """
    raw_output = subprocess.check_output(args, **kwargs)
    return raw_output.decode('utf-8')
def get_tar_path(version, tar_path):
"""Return the path to clang-format in the llvm tarball."""
# pylint: disable=too-many-function-args
Reported by Bandit.
Line: 83
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
# Extract just the clang-format binary
# On OSX, we shell out to tar because tarfile doesn't support xz compression
if sys.platform == 'darwin':
subprocess.call(['tar', '-xzf', tar_path, '*clang-format*'])
# Otherwise we use tarfile because some versions of tar don't support wildcards without
# a special flag
else:
tarfp = tarfile.open(tar_path)
for name in tarfp.getnames():
Reported by Bandit.
Line: 83
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b607_start_process_with_partial_path.html
# Extract just the clang-format binary
# On OSX, we shell out to tar because tarfile doesn't support xz compression
if sys.platform == 'darwin':
subprocess.call(['tar', '-xzf', tar_path, '*clang-format*'])
# Otherwise we use tarfile because some versions of tar don't support wildcards without
# a special flag
else:
tarfp = tarfile.open(tar_path)
for name in tarfp.getnames():
Reported by Bandit.
Line: 290
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
formatted = True
with open(file_name, 'rb') as source_stream:
try:
reformatted_text = subprocess.check_output([
self.path, "--assume-filename=" +
(file_name if not file_name.endswith(".h") else file_name + "pp"),
"--style=file"
], stdin=source_stream)
except subprocess.CalledProcessError:
Reported by Bandit.
src/mongo/base/murmurhash3_test.cpp
6 issues
Line: 64
ConstDataView(hash).read<LittleEndian<uint64_t>>(8)};
}
TEST(MurmurHash3, TestVectors32) {
TEST_STRING32("", 0, 0ULL);
TEST_STRING32("", 1ULL, 0x514E28B7ULL);
TEST_STRING32("", 0xffffffffULL, 0x81F16F39ULL); // make sure seed value is handled unsigned
TEST_STRING32("\0\0\0\0"_sd, 0ULL, 0x2362F9DEULL); // make sure we handle embedded nulls
Reported by Cppcheck.
Line: 52
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
namespace {
/**
 * Hashes `input` with MurmurHash3_x86_32 under `seed` and returns the digest
 * as a host uint32_t. The 4-byte `digest` buffer is the FlawFinder
 * CWE-119/120 hit; it is written only by the hash call and read back as a
 * single little-endian uint32_t, so its size matches what is consumed.
 */
uint32_t compute32(StringData input, uint32_t seed) {
    char digest[4];
    MurmurHash3_x86_32(input.rawData(), input.size(), seed, &digest);
    ConstDataView view(digest);
    return view.read<LittleEndian<uint32_t>>();
}
std::pair<uint64_t, uint64_t> compute128(StringData input, uint32_t seed) {
Reported by FlawFinder.
Line: 58
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
/**
 * Hashes `input` with MurmurHash3_x64_128 under `seed` and returns the
 * 16-byte digest as two little-endian uint64_t words (bytes 0-7, then 8-15).
 * The 16-byte `digest` buffer is the FlawFinder CWE-119/120 hit; it is
 * written only by the hash call and both reads stay within it.
 */
std::pair<uint64_t, uint64_t> compute128(StringData input, uint32_t seed) {
    char digest[16];
    MurmurHash3_x64_128(input.rawData(), input.size(), seed, &digest);
    ConstDataView view(digest);
    const uint64_t first_word = view.read<LittleEndian<uint64_t>>();
    const uint64_t second_word = view.read<LittleEndian<uint64_t>>(8);
    return std::make_pair(first_word, second_word);
}
Reported by FlawFinder.
Line: 54
Column: 32
CWE codes:
120
20
/**
 * Hashes `input` with MurmurHash3_x86_32 under `seed` and returns the digest
 * as a host uint32_t. The 4-byte `digest` buffer is the FlawFinder
 * CWE-119/120 hit; it is written only by the hash call and read back as a
 * single little-endian uint32_t, so its size matches what is consumed.
 */
uint32_t compute32(StringData input, uint32_t seed) {
    char digest[4];
    MurmurHash3_x86_32(input.rawData(), input.size(), seed, &digest);
    ConstDataView view(digest);
    return view.read<LittleEndian<uint32_t>>();
}
std::pair<uint64_t, uint64_t> compute128(StringData input, uint32_t seed) {
char hash[16];
MurmurHash3_x64_128(input.rawData(), input.size(), seed, &hash);
Reported by FlawFinder.
Line: 60
Column: 33
CWE codes:
120
20
/**
 * Hashes `input` with MurmurHash3_x64_128 under `seed` and returns the
 * 16-byte digest as two little-endian uint64_t words (bytes 0-7, then 8-15).
 * The 16-byte `digest` buffer is the FlawFinder CWE-119/120 hit; it is
 * written only by the hash call and both reads stay within it.
 */
std::pair<uint64_t, uint64_t> compute128(StringData input, uint32_t seed) {
    char digest[16];
    MurmurHash3_x64_128(input.rawData(), input.size(), seed, &digest);
    ConstDataView view(digest);
    const uint64_t first_word = view.read<LittleEndian<uint64_t>>();
    const uint64_t second_word = view.read<LittleEndian<uint64_t>>(8);
    return std::make_pair(first_word, second_word);
}
TEST(MurmurHash3, TestVectors32) {
TEST_STRING32("", 0, 0ULL);
Reported by FlawFinder.
Line: 61
Column: 33
CWE codes:
120
20
char hash[16];
MurmurHash3_x64_128(input.rawData(), input.size(), seed, &hash);
return {ConstDataView(hash).read<LittleEndian<uint64_t>>(),
ConstDataView(hash).read<LittleEndian<uint64_t>>(8)};
}
TEST(MurmurHash3, TestVectors32) {
TEST_STRING32("", 0, 0ULL);
Reported by FlawFinder.
src/third_party/wiredtiger/test/csuite/wt4333_handle_locks/main.c
6 issues
Line: 41
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static u_int workers, uris; /* worker-thread count and number of table URIs; presumably set by option parsing, which is not shown here */
static bool done = false; /* set when the run should stop */
static bool verbose = false; /* verbose output (usage text shows -v) */
static char *uri_list[750]; /* table URIs, filled lazily by uri_init; fixed 750 slots (FlawFinder CWE-119/120), so `uris` must be kept <= 750 wherever it is set — not visible here */
static char home[HOME_LEN]; /* working directory; the 'h' option fills it with strncpy bounded to HOME_LEN and NUL-terminates the last byte by hand */
extern char *__wt_optarg; /* current option argument from the WiredTiger getopt replacement */
static void
uri_init(void)
Reported by FlawFinder.
Line: 42
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static bool done = false; /* set when the run should stop */
static bool verbose = false; /* verbose output (usage text shows -v) */
static char *uri_list[750]; /* table URIs, filled lazily by uri_init; fixed 750 slots (FlawFinder CWE-119/120), so `uris` must be kept <= 750 wherever it is set — not visible here */
static char home[HOME_LEN]; /* working directory; the 'h' option fills it with strncpy bounded to HOME_LEN and NUL-terminates the last byte by hand */
extern char *__wt_optarg; /* current option argument from the WiredTiger getopt replacement */
static void
uri_init(void)
{
Reported by FlawFinder.
Line: 51
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_CURSOR *cursor;
WT_SESSION *session;
u_int i, key;
char buf[128];
for (i = 0; i < uris; ++i)
if (uri_list[i] == NULL) {
testutil_check(__wt_snprintf(buf, sizeof(buf), "table:%u", i));
uri_list[i] = dstrdup(buf);
Reported by FlawFinder.
Line: 97
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_CURSOR *cursor;
WT_DECL_RET;
u_int i, key;
char buf[128];
bool readonly;
/* Close any open cursor in the slot we're about to reuse. */
if (*cpp != NULL) {
testutil_check((*cpp)->close(*cpp));
Reported by FlawFinder.
Line: 254
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
pthread_t idlist[1000];
u_int i, j;
char buf[256];
done = false;
testutil_make_work_dir(home);
Reported by FlawFinder.
Line: 337
Column: 13
CWE codes:
120
verbose = true;
break;
case 'h':
strncpy(home, __wt_optarg, HOME_LEN);
home[HOME_LEN - 1] = '\0';
default_home = false;
break;
default:
fprintf(stderr, "usage: %s [-v]\n", argv[0]);
Reported by FlawFinder.
src/third_party/boost/boost/random/non_central_chi_squared_distribution.hpp
6 issues
Line: 29
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#include <boost/random/poisson_distribution.hpp>
namespace boost {
namespace random {
/**
* The noncentral chi-squared distribution is a real valued distribution with
* two parameter, @c k and @c lambda. The distribution produces values > 0.
*
Reported by FlawFinder.
Line: 147
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
{
using std::sqrt;
if (_param.k() > 1) {
boost::random::normal_distribution<RealType> n_dist;
boost::random::chi_squared_distribution<RealType> c_dist(_param.k() - RealType(1));
RealType _z = n_dist(eng);
RealType _x = c_dist(eng);
RealType term1 = _z + sqrt(_param.lambda());
return term1*term1 + _x;
Reported by FlawFinder.
Line: 148
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
using std::sqrt;
if (_param.k() > 1) {
boost::random::normal_distribution<RealType> n_dist;
boost::random::chi_squared_distribution<RealType> c_dist(_param.k() - RealType(1));
RealType _z = n_dist(eng);
RealType _x = c_dist(eng);
RealType term1 = _z + sqrt(_param.lambda());
return term1*term1 + _x;
}
Reported by FlawFinder.
Line: 155
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
return term1*term1 + _x;
}
else {
boost::random::poisson_distribution<> p_dist(_param.lambda()/RealType(2));
boost::random::poisson_distribution<>::result_type _p = p_dist(eng);
boost::random::chi_squared_distribution<RealType> c_dist(_param.k() + RealType(2)*_p);
return c_dist(eng);
}
}
Reported by FlawFinder.
Line: 156
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
}
else {
boost::random::poisson_distribution<> p_dist(_param.lambda()/RealType(2));
boost::random::poisson_distribution<>::result_type _p = p_dist(eng);
boost::random::chi_squared_distribution<RealType> c_dist(_param.k() + RealType(2)*_p);
return c_dist(eng);
}
}
Reported by FlawFinder.
Line: 157
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
else {
boost::random::poisson_distribution<> p_dist(_param.lambda()/RealType(2));
boost::random::poisson_distribution<>::result_type _p = p_dist(eng);
boost::random::chi_squared_distribution<RealType> c_dist(_param.k() + RealType(2)*_p);
return c_dist(eng);
}
}
/** Returns the @c k parameter of the distribution. */
Reported by FlawFinder.