The following issues were found
src/mongo/db/dbmessage.h
6 issues
Line: 122
Column: 26
CWE codes:
120
20
}
int64_t getCursorId() const {
return storage().read<LittleEndian<int64_t>>(offsetof(Layout, cursorId));
}
int32_t getStartingFrom() const {
return storage().read<LittleEndian<int32_t>>(offsetof(Layout, startingFrom));
}
Reported by FlawFinder.
Line: 126
Column: 26
CWE codes:
120
20
}
int32_t getStartingFrom() const {
return storage().read<LittleEndian<int32_t>>(offsetof(Layout, startingFrom));
}
int32_t getNReturned() const {
return storage().read<LittleEndian<int32_t>>(offsetof(Layout, nReturned));
}
Reported by FlawFinder.
Line: 130
Column: 26
CWE codes:
120
20
}
int32_t getNReturned() const {
return storage().read<LittleEndian<int32_t>>(offsetof(Layout, nReturned));
}
const char* data() const {
return storage().view(sizeof(Layout));
}
Reported by FlawFinder.
Line: 177
Column: 43
CWE codes:
120
20
}
int32_t getResultFlags() {
return DataView(msgdata().data()).read<LittleEndian<int32_t>>();
}
void setResultFlags(int32_t value) {
DataView(msgdata().data()).write(tagLittleEndian(value));
}
Reported by FlawFinder.
Line: 279
Column: 7
CWE codes:
120
20
// Read some type without advancing our position
template <typename T>
T read() const;
// Read some type, and advance our position
template <typename T>
T readAndAdvance();
Reported by FlawFinder.
Line: 392
Column: 58
CWE codes:
120
20
if (d.moreJSObjs()) {
fields = d.nextJsObj();
}
queryOptions = DataView(d.msg().header().data()).read<LittleEndian<int32_t>>();
}
/**
* A non-mutating constructor from the whole message.
*/
Reported by FlawFinder.
src/third_party/wiredtiger/test/csuite/wt4333_handle_locks/main.c
6 issues
Line: 41
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static u_int workers, uris;
static bool done = false;
static bool verbose = false;
static char *uri_list[750];
static char home[HOME_LEN];
extern char *__wt_optarg;
static void
uri_init(void)
Reported by FlawFinder.
Line: 42
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static bool done = false;
static bool verbose = false;
static char *uri_list[750];
static char home[HOME_LEN];
extern char *__wt_optarg;
static void
uri_init(void)
{
Reported by FlawFinder.
Line: 51
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_CURSOR *cursor;
WT_SESSION *session;
u_int i, key;
char buf[128];
for (i = 0; i < uris; ++i)
if (uri_list[i] == NULL) {
testutil_check(__wt_snprintf(buf, sizeof(buf), "table:%u", i));
uri_list[i] = dstrdup(buf);
Reported by FlawFinder.
Line: 97
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_CURSOR *cursor;
WT_DECL_RET;
u_int i, key;
char buf[128];
bool readonly;
/* Close any open cursor in the slot we're about to reuse. */
if (*cpp != NULL) {
testutil_check((*cpp)->close(*cpp));
Reported by FlawFinder.
Line: 254
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
pthread_t idlist[1000];
u_int i, j;
char buf[256];
done = false;
testutil_make_work_dir(home);
Reported by FlawFinder.
Line: 337
Column: 13
CWE codes:
120
verbose = true;
break;
case 'h':
strncpy(home, __wt_optarg, HOME_LEN);
home[HOME_LEN - 1] = '\0';
default_home = false;
break;
default:
fprintf(stderr, "usage: %s [-v]\n", argv[0]);
Reported by FlawFinder.
buildscripts/idl/idl/compiler.py
6 issues
Line: 40
Column: 1
import platform
from typing import Any, List
from . import binder
from . import errors
from . import generator
from . import parser
from . import syntax
Reported by Pylint.
Line: 41
Column: 1
from typing import Any, List
from . import binder
from . import errors
from . import generator
from . import parser
from . import syntax
Reported by Pylint.
Line: 42
Column: 1
from . import binder
from . import errors
from . import generator
from . import parser
from . import syntax
class CompilerArgs(object):
Reported by Pylint.
Line: 43
Column: 1
from . import binder
from . import errors
from . import generator
from . import parser
from . import syntax
class CompilerArgs(object):
"""Set of compiler arguments."""
Reported by Pylint.
Line: 44
Column: 1
from . import errors
from . import generator
from . import parser
from . import syntax
class CompilerArgs(object):
"""Set of compiler arguments."""
Reported by Pylint.
Line: 109
Column: 5
raise errors.IDLError(msg)
def open(self, resolved_file_name):
# type: (str) -> Any
"""Return an io.Stream for the requested file."""
return io.open(resolved_file_name, encoding='utf-8')
Reported by Pylint.
src/third_party/gperftools/dist/src/tests/profiler_unittest.cc
6 issues
Line: 90
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
fprintf(stderr, " 0 or 1 for single-threaded mode,\n");
fprintf(stderr, " -# to fork instead of thread.\n");
fprintf(stderr, " filename: The name of the output profile.\n");
fprintf(stderr, (" If you don't specify, set CPUPROFILE "
"in the environment instead!\n"));
return 1;
}
g_iters = atoi(argv[1]);
Reported by FlawFinder.
Line: 130
Column: 18
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
printf("FORK failed!\n");
return 1;
case 0: // child
return execl(argv[0], argv[0], argv[1], NULL);
default:
wait(NULL); // we'll let the kids run one at a time
}
}
#else
Reported by FlawFinder.
Line: 59
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
ProfilerRegisterThread();
int i, m;
char b[128];
MutexLock ml(&mutex);
for (m = 0; m < 1000000; ++m) { // run millions of times
for (i = 0; i < g_iters; ++i ) {
result ^= i;
}
Reported by FlawFinder.
Line: 72
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void test_main_thread() {
int i, m;
char b[128];
MutexLock ml(&mutex);
for (m = 0; m < 1000000; ++m) { // run millions of times
for (i = 0; i < g_iters; ++i ) {
result ^= i;
}
Reported by FlawFinder.
Line: 95
Column: 13
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
return 1;
}
g_iters = atoi(argv[1]);
int num_threads = 1;
const char* filename = NULL;
if (argc > 2) {
num_threads = atoi(argv[2]);
}
Reported by FlawFinder.
Line: 99
Column: 19
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
int num_threads = 1;
const char* filename = NULL;
if (argc > 2) {
num_threads = atoi(argv[2]);
}
if (argc > 3) {
filename = argv[3];
}
Reported by FlawFinder.
src/third_party/wiredtiger/test/csuite/wt3338_partial_update/main.c
6 issues
Line: 48
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* of the buffer.
*/
#define MAX_REPL_BYTES 17
static char modify_repl[MAX_REPL_BYTES * 2]; /* Replacement bytes */
static WT_RAND_STATE rnd; /* RNG state */
/*
* show --
Reported by FlawFinder.
Line: 108
Column: 42
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for (i = 0; i < nentries; ++i)
printf("%d: {%.*s} %" WT_SIZET_FMT " bytes replacing %" WT_SIZET_FMT
" bytes @ %" WT_SIZET_FMT "\n",
i, (int)entries[i].data.size, (char *)entries[i].data.data, entries[i].data.size,
entries[i].size, entries[i].offset);
#endif
}
/*
Reported by FlawFinder.
Line: 158
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < nentries; ++i) {
/* Take leading bytes from the original, plus any gap bytes. */
if (entries[i].offset >= ta->size) {
memcpy(tb->mem, ta->mem, ta->size);
if (entries[i].offset > ta->size)
memset((uint8_t *)tb->mem + ta->size, '\0', entries[i].offset - ta->size);
} else if (entries[i].offset > 0)
memcpy(tb->mem, ta->mem, entries[i].offset);
tb->size = entries[i].offset;
Reported by FlawFinder.
Line: 162
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (entries[i].offset > ta->size)
memset((uint8_t *)tb->mem + ta->size, '\0', entries[i].offset - ta->size);
} else if (entries[i].offset > 0)
memcpy(tb->mem, ta->mem, entries[i].offset);
tb->size = entries[i].offset;
/* Take replacement bytes. */
if (entries[i].data.size > 0) {
memcpy((uint8_t *)tb->mem + tb->size, entries[i].data.data, entries[i].data.size);
Reported by FlawFinder.
Line: 167
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Take replacement bytes. */
if (entries[i].data.size > 0) {
memcpy((uint8_t *)tb->mem + tb->size, entries[i].data.data, entries[i].data.size);
tb->size += entries[i].data.size;
}
/* Take trailing bytes from the original. */
len = entries[i].offset + entries[i].size;
Reported by FlawFinder.
Line: 174
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Take trailing bytes from the original. */
len = entries[i].offset + entries[i].size;
if (ta->size > len) {
memcpy((uint8_t *)tb->mem + tb->size, (uint8_t *)ta->mem + len, ta->size - len);
tb->size += ta->size - len;
}
testutil_assert(tb->size <= size);
/* Swap the buffers and do it again. */
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_util04.py
6 issues
Line: 31
Column: 1
import os
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util04.py
# Utilities: wt drop
class test_util04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util04.a'
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 31
Column: 1
import os
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util04.py
# Utilities: wt drop
class test_util04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util04.a'
Reported by Pylint.
Line: 31
Column: 1
import os
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util04.py
# Utilities: wt drop
class test_util04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util04.a'
Reported by Pylint.
Line: 35
Column: 1
# test_util04.py
# Utilities: wt drop
class test_util04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util04.a'
nentries = 1000
def test_drop_process(self):
"""
Reported by Pylint.
Line: 35
Column: 1
# test_util04.py
# Utilities: wt drop
class test_util04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util04.a'
nentries = 1000
def test_drop_process(self):
"""
Reported by Pylint.
src/third_party/boost/boost/iterator/iterator_facade.hpp
6 issues
Line: 566
Column: 19
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
}
template <class Facade1, class Facade2>
static bool equal(Facade1 const& f1, Facade2 const& f2, mpl::true_)
{
return f1.equal(f2);
}
template <class Facade1, class Facade2>
Reported by FlawFinder.
Line: 568
Column: 21
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
template <class Facade1, class Facade2>
static bool equal(Facade1 const& f1, Facade2 const& f2, mpl::true_)
{
return f1.equal(f2);
}
template <class Facade1, class Facade2>
static bool equal(Facade1 const& f1, Facade2 const& f2, mpl::false_)
{
Reported by FlawFinder.
Line: 572
Column: 19
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
}
template <class Facade1, class Facade2>
static bool equal(Facade1 const& f1, Facade2 const& f2, mpl::false_)
{
return f2.equal(f1);
}
template <class Facade>
Reported by FlawFinder.
Line: 574
Column: 21
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
template <class Facade1, class Facade2>
static bool equal(Facade1 const& f1, Facade2 const& f2, mpl::false_)
{
return f2.equal(f1);
}
template <class Facade>
static void advance(Facade& f, typename Facade::difference_type n)
{
Reported by FlawFinder.
Line: 900
Column: 46
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
, base_op \
)
BOOST_ITERATOR_FACADE_RELATION(==, return, equal)
BOOST_ITERATOR_FACADE_RELATION(!=, return !, equal)
# undef BOOST_ITERATOR_FACADE_RELATION
Reported by FlawFinder.
Line: 901
Column: 48
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
)
BOOST_ITERATOR_FACADE_RELATION(==, return, equal)
BOOST_ITERATOR_FACADE_RELATION(!=, return !, equal)
# undef BOOST_ITERATOR_FACADE_RELATION
# define BOOST_ITERATOR_FACADE_INTEROP_RANDOM_ACCESS(op, result_type, return_prefix, base_op) \
Reported by FlawFinder.
src/third_party/boost/boost/iostreams/filter/test.hpp
6 issues
Line: 45
Column: 8
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#include <boost/type_traits/is_array.hpp>
#include <boost/type_traits/is_same.hpp>
#undef memcpy
#undef rand
#undef strlen
#if defined(BOOST_NO_STDC_NAMESPACE) && !defined(__LIBCOMO__)
namespace std {
Reported by FlawFinder.
Line: 51
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#if defined(BOOST_NO_STDC_NAMESPACE) && !defined(__LIBCOMO__)
namespace std {
using ::memcpy;
using ::strlen;
#if BOOST_WORKAROUND(BOOST_BORLANDC, BOOST_TESTED_AT(0x564)) || \
BOOST_WORKAROUND(__MWERKS__, <= 0x3003) \
/**/
using ::rand;
Reported by FlawFinder.
Line: 103
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
(std::min) (n, static_cast<streamsize>(data_.size() - pos_));
streamsize amt = (std::min) (rand(inc_), avail);
if (amt)
memcpy(s, data_.c_str() + pos_, static_cast<size_t>(amt));
pos_ += amt;
return amt;
}
bool putback(char c)
Reported by FlawFinder.
Line: 47
Column: 8
CWE codes:
126
#undef memcpy
#undef rand
#undef strlen
#if defined(BOOST_NO_STDC_NAMESPACE) && !defined(__LIBCOMO__)
namespace std {
using ::memcpy;
using ::strlen;
Reported by FlawFinder.
Line: 52
Column: 13
CWE codes:
126
#if defined(BOOST_NO_STDC_NAMESPACE) && !defined(__LIBCOMO__)
namespace std {
using ::memcpy;
using ::strlen;
#if BOOST_WORKAROUND(BOOST_BORLANDC, BOOST_TESTED_AT(0x564)) || \
BOOST_WORKAROUND(__MWERKS__, <= 0x3003) \
/**/
using ::rand;
#endif
Reported by FlawFinder.
Line: 94
Column: 21
CWE codes:
120
20
std::streamsize inc = default_increment )
: data_(data), inc_(inc), pos_(0)
{ }
std::streamsize read(char* s, std::streamsize n)
{
using namespace std;
if (pos_ == static_cast<streamsize>(data_.size()))
return -1;
streamsize avail =
Reported by FlawFinder.
src/third_party/wiredtiger/test/csuite/scope/main.c
6 issues
Line: 59
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (recno) \
cursor->set_key(cursor, (uint64_t)1); \
else { \
strcpy(keybuf, KEY); \
cursor->set_key(cursor, keybuf); \
} \
} while (0)
#define SET_VALUE \
do { \
Reported by FlawFinder.
Line: 65
Column: 9
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
} while (0)
#define SET_VALUE \
do { \
strcpy(valuebuf, VALUE); \
if (vstring) \
cursor->set_value(cursor, valuebuf); \
else { \
vu.size = strlen(vu.data = valuebuf); \
cursor->set_value(cursor, &vu); \
Reported by FlawFinder.
Line: 143
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_ITEM vu;
uint64_t keyr;
const char *key, *vs;
char keybuf[100], valuebuf[100];
int exact;
bool recno, rollback, vstring;
cursor = NULL;
for (op = ops; op->op != NULL; op++) {
Reported by FlawFinder.
Line: 69
Column: 23
CWE codes:
126
if (vstring) \
cursor->set_value(cursor, valuebuf); \
else { \
vu.size = strlen(vu.data = valuebuf); \
cursor->set_value(cursor, &vu); \
} \
} while (0)
static void
Reported by FlawFinder.
Line: 326
Column: 44
CWE codes:
126
} else {
testutil_assert(cursor->get_value(cursor, &vu) == 0);
testutil_assert(vu.data != valuebuf);
testutil_assert(vu.size == strlen(VALUE));
testutil_assert(memcmp(vu.data, VALUE, strlen(VALUE)) == 0);
}
break;
}
Reported by FlawFinder.
Line: 327
Column: 56
CWE codes:
126
testutil_assert(cursor->get_value(cursor, &vu) == 0);
testutil_assert(vu.data != valuebuf);
testutil_assert(vu.size == strlen(VALUE));
testutil_assert(memcmp(vu.data, VALUE, strlen(VALUE)) == 0);
}
break;
}
if (rollback)
Reported by FlawFinder.
src/third_party/boost/boost/fusion/sequence/io/detail/in.hpp
6 issues
Line: 31
Column: 9
CWE codes:
120
20
// read a delimiter
template <typename IS>
static void
read(IS& is, char const* delim, mpl::false_ = mpl::false_())
{
detail::string_ios_manip<Tag, IS> manip(is);
manip.read(delim);
}
Reported by FlawFinder.
Line: 34
Column: 19
CWE codes:
120
20
read(IS& is, char const* delim, mpl::false_ = mpl::false_())
{
detail::string_ios_manip<Tag, IS> manip(is);
manip.read(delim);
}
template <typename IS>
static void
read(IS&, char const*, mpl::true_)
Reported by FlawFinder.
Line: 63
Column: 48
CWE codes:
120
20
is_last;
is >> *first;
delimiter_in<tuple_delimiter_tag>::read(is, " ", is_last);
call(is, fusion::next(first), last, is_last);
}
template <typename IS, typename First, typename Last>
static void
Reported by FlawFinder.
Line: 80
Column: 39
CWE codes:
120
20
inline void
read_sequence(IS& is, Sequence& seq)
{
delimiter_in<tuple_open_tag>::read(is, "(");
read_sequence_loop::call(is, fusion::begin(seq), fusion::end(seq));
delimiter_in<tuple_close_tag>::read(is, ")");
}
}}}
Reported by FlawFinder.
Line: 82
Column: 40
CWE codes:
120
20
{
delimiter_in<tuple_open_tag>::read(is, "(");
read_sequence_loop::call(is, fusion::begin(seq), fusion::end(seq));
delimiter_in<tuple_close_tag>::read(is, ")");
}
}}}
#endif
Reported by FlawFinder.