The following issues were found
src/third_party/IntelRDFPMathLib20U1/LIBRARY/src/bid128_mul.c
6 issues
Line: 177
CWE codes:
758
}
p_sign = x_sign ^ y_sign; // sign of the product
true_p_exp = (x_exp >> 49) - 6176 + (y_exp >> 49) - 6176;
// true_p_exp, p_exp are used only for 0 * 0, 0 * f, or f * 0
if (true_p_exp < -398)
p_exp = 0; // cannot be less than EXP_MIN
else if (true_p_exp > 369)
p_exp = (BID_UINT64) (369 + 398) << 53; // cannot be more than EXP_MAX
Reported by Cppcheck.
Line: 182
CWE codes:
758
if (true_p_exp < -398)
p_exp = 0; // cannot be less than EXP_MIN
else if (true_p_exp > 369)
p_exp = (BID_UINT64) (369 + 398) << 53; // cannot be more than EXP_MAX
else
p_exp = (BID_UINT64) (true_p_exp + 398) << 53;
if ((C1.w[1] == 0x0 && C1.w[0] == 0x0) ||
(C2.w[1] == 0x0 && C2.w[0] == 0x0)) {
Reported by Cppcheck.
Line: 184
CWE codes:
758
else if (true_p_exp > 369)
p_exp = (BID_UINT64) (369 + 398) << 53; // cannot be more than EXP_MAX
else
p_exp = (BID_UINT64) (true_p_exp + 398) << 53;
if ((C1.w[1] == 0x0 && C1.w[0] == 0x0) ||
(C2.w[1] == 0x0 && C2.w[0] == 0x0)) {
// x = 0 or y = 0
// the result is 0
Reported by Cppcheck.
Line: 396
CWE codes:
758
}
p_sign = x_sign ^ y_sign; // sign of the product
true_p_exp = (x_exp >> 49) - 6176 + (y_exp >> 49) - 6176;
// true_p_exp, p_exp are used only for 0 * 0, 0 * f, or f * 0
if (true_p_exp < -6176)
p_exp = 0; // cannot be less than EXP_MIN
else if (true_p_exp > 6111)
p_exp = (BID_UINT64) (6111 + 6176) << 49; // cannot be more than EXP_MAX
Reported by Cppcheck.
Line: 401
CWE codes:
758
if (true_p_exp < -6176)
p_exp = 0; // cannot be less than EXP_MIN
else if (true_p_exp > 6111)
p_exp = (BID_UINT64) (6111 + 6176) << 49; // cannot be more than EXP_MAX
else
p_exp = (BID_UINT64) (true_p_exp + 6176) << 49;
if ((C1.w[1] == 0x0 && C1.w[0] == 0x0) ||
(C2.w[1] == 0x0 && C2.w[0] == 0x0)) {
Reported by Cppcheck.
Line: 403
CWE codes:
758
else if (true_p_exp > 6111)
p_exp = (BID_UINT64) (6111 + 6176) << 49; // cannot be more than EXP_MAX
else
p_exp = (BID_UINT64) (true_p_exp + 6176) << 49;
if ((C1.w[1] == 0x0 && C1.w[0] == 0x0) ||
(C2.w[1] == 0x0 && C2.w[0] == 0x0)) {
// x = 0 or y = 0
// the result is 0
Reported by Cppcheck.
src/third_party/IntelRDFPMathLib20U1/LIBRARY/float128/mphoc_macros.h
6 issues
Line: 479
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define MPHOC_B_NEG_HUGE (-MPHOC_B_POS_HUGE)
/*
 * _GENPOLY prints one line of text with four printf calls: the
 * GENPOLY_EXECUTABLE/degree part (with _degree as the %i argument), the coef
 * part, the name/offset/options part (with _offset as the %i argument), and a
 * closing ` ; echo ""` followed by a newline.
 *
 * Triage note for "non-constant format string" (CWE-134) warnings on these
 * lines: each format is produced by STR(...) from macro text, not from
 * run-time data, so it is fixed at compile time. This assumes STR is a
 * preprocessor stringification macro; its definition is not shown in this
 * excerpt -- confirm.
 *
 * NOTE(review): the text passed as coef, name and options becomes part of a
 * printf format. A '%' in any of them would be read as a conversion with no
 * matching argument, so callers should pass plain identifiers only.
 */
#define _GENPOLY(coef, name, _offset, options, _degree) \
printf(STR(GENPOLY_EXECUTABLE one degree=%i cn=), _degree); \
printf(STR(STR(coef) define=)); \
printf(STR(STR(name) offset=%i options), _offset); \
printf(" ; echo \"\"\n" )
#define GENPOLY(coef, name, _degree) \
Reported by FlawFinder.
Line: 480
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define _GENPOLY(coef, name, _offset, options, _degree) \
printf(STR(GENPOLY_EXECUTABLE one degree=%i cn=), _degree); \
printf(STR(STR(coef) define=)); \
printf(STR(STR(name) offset=%i options), _offset); \
printf(" ; echo \"\"\n" )
#define GENPOLY(coef, name, _degree) \
printf(STR(GENPOLY_EXECUTABLE one degree=%i cn=), _degree); \
Reported by FlawFinder.
Line: 481
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define _GENPOLY(coef, name, _offset, options, _degree) \
printf(STR(GENPOLY_EXECUTABLE one degree=%i cn=), _degree); \
printf(STR(STR(coef) define=)); \
printf(STR(STR(name) offset=%i options), _offset); \
printf(" ; echo \"\"\n" )
#define GENPOLY(coef, name, _degree) \
printf(STR(GENPOLY_EXECUTABLE one degree=%i cn=), _degree); \
printf(STR(STR(coef) define=)); \
Reported by FlawFinder.
Line: 485
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
printf(" ; echo \"\"\n" )
/*
 * GENPOLY is the three-argument form: it prints the GENPOLY_EXECUTABLE/degree
 * part (with _degree as the %i argument), the coef part, the name part, and a
 * closing ` ; echo ""` followed by a newline.
 *
 * Triage note for "non-constant format string" (CWE-134) warnings on these
 * lines: each format is produced by STR(...) from macro text, not from
 * run-time data, so it is fixed at compile time. This assumes STR is a
 * preprocessor stringification macro; its definition is not shown in this
 * excerpt -- confirm.
 *
 * NOTE(review): only the first printf passes an argument. The coef and name
 * text is used as a format with no arguments, so a '%' in either would be
 * read as a conversion with nothing to consume; pass plain identifiers only.
 */
#define GENPOLY(coef, name, _degree) \
printf(STR(GENPOLY_EXECUTABLE one degree=%i cn=), _degree); \
printf(STR(STR(coef) define=)); \
printf(STR(STR(name))); \
printf(" ; echo \"\"\n" )
Reported by FlawFinder.
Line: 486
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define GENPOLY(coef, name, _degree) \
printf(STR(GENPOLY_EXECUTABLE one degree=%i cn=), _degree); \
printf(STR(STR(coef) define=)); \
printf(STR(STR(name))); \
printf(" ; echo \"\"\n" )
#endif /* defined(NEW_MPHOC_MACROS) */
Reported by FlawFinder.
Line: 487
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define GENPOLY(coef, name, _degree) \
printf(STR(GENPOLY_EXECUTABLE one degree=%i cn=), _degree); \
printf(STR(STR(coef) define=)); \
printf(STR(STR(name))); \
printf(" ; echo \"\"\n" )
#endif /* defined(NEW_MPHOC_MACROS) */
Reported by FlawFinder.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Scanner/RC.py
6 issues
Line: 33
Column: 1
__revision__ = "src/engine/SCons/Scanner/RC.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import re
import SCons.Node.FS
import SCons.Scanner
Reported by Pylint.
Line: 1
Column: 1
"""SCons.Scanner.RC
This module implements the dependency scanner for RC (Interface
Definition Language) files.
"""
#
# Copyright (c) 2001 - 2019 The SCons Foundation
Reported by Pylint.
Line: 31
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
__revision__ = "src/engine/SCons/Scanner/RC.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import re
import SCons.Node.FS
import SCons.Scanner
Reported by Pylint.
Line: 47
Column: 1
return [n for n in nodes if str(n)[-4:] != '.tlb']
def RCScan():
"""Return a prototype Scanner instance for scanning RC source files"""
res_re= r'^(?:\s*#\s*(?:include)|' \
r'.*?\s+(?:ICON|BITMAP|CURSOR|HTML|FONT|MESSAGETABLE|TYPELIB|REGISTRY|D3DFX)' \
r'\s*.*?)' \
Reported by Pylint.
Line: 54
Column: 5
r'.*?\s+(?:ICON|BITMAP|CURSOR|HTML|FONT|MESSAGETABLE|TYPELIB|REGISTRY|D3DFX)' \
r'\s*.*?)' \
r'\s*(<|"| )([^>"\s]+)(?:[>"\s])*$'
resScanner = SCons.Scanner.ClassicCPP("ResourceScanner",
"$RCSUFFIXES",
"CPPPATH",
res_re,
recursive=no_tlb)
Reported by Pylint.
Line: 59
Column: 1
"CPPPATH",
res_re,
recursive=no_tlb)
return resScanner
# Local Variables:
# tab-width:4
# indent-tabs-mode:nil
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_excl.py
6 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
from wtscenario import make_scenarios
# Test session.create with the exclusive configuration.
class test_create_excl(wttest.WiredTigerTestCase):
scenarios = make_scenarios([
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
from wtscenario import make_scenarios
# Test session.create with the exclusive configuration.
class test_create_excl(wttest.WiredTigerTestCase):
scenarios = make_scenarios([
Reported by Pylint.
Line: 33
Column: 1
from wtscenario import make_scenarios
# Test session.create with the exclusive configuration.
class test_create_excl(wttest.WiredTigerTestCase):
scenarios = make_scenarios([
('file', dict(type='file:')),
('table', dict(type='table:'))
])
Reported by Pylint.
Line: 33
Column: 1
from wtscenario import make_scenarios
# Test session.create with the exclusive configuration.
class test_create_excl(wttest.WiredTigerTestCase):
scenarios = make_scenarios([
('file', dict(type='file:')),
('table', dict(type='table:'))
])
Reported by Pylint.
Line: 41
Column: 5
# Create the object with "exclusive", then assert that creation with
# "exclusive" fails.
def test_create_excl(self):
uri = self.type + 'create_excl'
self.session.create(uri, "exclusive")
self.assertRaises(wiredtiger.WiredTigerError,
lambda: self.session.create(uri, "exclusive"))
Reported by Pylint.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Scanner/D.py
6 issues
Line: 1
Column: 1
"""SCons.Scanner.D
Scanner for the Digital Mars "D" programming language.
Coded by Andy Friesen
17 Nov 2003
"""
Reported by Pylint.
Line: 33
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
__revision__ = "src/engine/SCons/Scanner/D.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import SCons.Scanner
def DScanner():
"""Return a prototype Scanner instance for scanning D source files"""
Reported by Pylint.
Line: 37
Column: 1
import SCons.Scanner
def DScanner():
"""Return a prototype Scanner instance for scanning D source files"""
ds = D()
return ds
class D(SCons.Scanner.Classic):
Reported by Pylint.
Line: 39
Column: 5
def DScanner():
"""Return a prototype Scanner instance for scanning D source files"""
ds = D()
return ds
class D(SCons.Scanner.Classic):
def __init__ (self):
SCons.Scanner.Classic.__init__ (
Reported by Pylint.
Line: 42
Column: 1
ds = D()
return ds
class D(SCons.Scanner.Classic):
def __init__ (self):
SCons.Scanner.Classic.__init__ (
self,
name = "DScanner",
suffixes = '$DSUFFIXES',
Reported by Pylint.
Line: 42
Column: 1
ds = D()
return ds
class D(SCons.Scanner.Classic):
def __init__ (self):
SCons.Scanner.Classic.__init__ (
self,
name = "DScanner",
suffixes = '$DSUFFIXES',
Reported by Pylint.
src/mongo/util/string_map_test.cpp
6 issues
Line: 41
namespace {
using namespace mongo;
TEST(StringMapTest, Hash1) {
StringSet::hasher hash;
ASSERT_EQUALS(hash(""), hash(""));
ASSERT_EQUALS(hash("a"), hash("a"));
ASSERT_EQUALS(hash("abc"), hash("abc"));
Reported by Cppcheck.
Line: 86
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
TEST(StringMapTest, Big1) {
StringMap<int> m;
char buf[64];
for (int i = 0; i < 10000; i++) {
sprintf(buf, "foo%d", i);
m[buf] = i;
}
Reported by FlawFinder.
Line: 89
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
char buf[64];
for (int i = 0; i < 10000; i++) {
sprintf(buf, "foo%d", i);
m[buf] = i;
}
for (int i = 0; i < 10000; i++) {
sprintf(buf, "foo%d", i);
Reported by FlawFinder.
Line: 94
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
}
for (int i = 0; i < 10000; i++) {
sprintf(buf, "foo%d", i);
ASSERT_EQUALS(m[buf], i);
}
}
TEST(StringMapTest, find1) {
Reported by FlawFinder.
Line: 121
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
TEST(StringMapTest, Erase1) {
StringMap<int> m;
char buf[64];
m["eliot"] = 5;
ASSERT_EQUALS(5, m["eliot"]);
ASSERT_EQUALS(1U, m.size());
ASSERT_EQUALS(false, m.empty());
Reported by FlawFinder.
Line: 140
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
size_t before = m.capacity();
for (int i = 0; i < 10000; i++) {
sprintf(buf, "foo%d", i);
m[buf] = i;
ASSERT_EQUALS(i, m[buf]);
ASSERT_EQUALS(1U, m.erase(buf));
ASSERT(m.end() == m.find(buf));
}
Reported by FlawFinder.
src/mongo/util/net/ssl_manager_openssl.cpp
6 issues
Line: 1485
MONGO_INITIALIZER_WITH_PREREQUISITES(SSLManager, ("SetupOpenSSL", "EndStartupOptionHandling"))
(InitializerContext*) {
if (!isSSLServer || (sslGlobalParams.sslMode.load() != SSLParams::SSLMode_disabled)) {
theSSLManagerCoordinator = new SSLManagerCoordinator();
}
sMongoDbRolesOID = OBJ_create(mongodbRolesOID.identifier.c_str(),
mongodbRolesOID.shortDescription.c_str(),
Reported by Cppcheck.
Line: 406
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
prevSet = currentSet;
}
char buffer[128];
// OBJ_obj2txt can only fail if we pass a nullptr from get_object,
// or if OpenSSL's BN library falls over.
// In either case, just panic.
uassert(ErrorCodes::InvalidSSLConfiguration,
"Unable to parse certificate subject name",
Reported by FlawFinder.
Line: 443
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return Date_t();
}
char dateChar[DATE_LEN];
timeError = BIO_gets(outBIO, dateChar, DATE_LEN);
if (timeError <= 0) {
LOGV2_ERROR(23242, "BIO_gets call failed to transfer contents to buf");
return Date_t();
}
Reported by FlawFinder.
Line: 2901
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* the data to/from the TLS layer.
*/
void SSLManagerOpenSSL::_flushNetworkBIO(SSLConnectionOpenSSL* conn) {
char buffer[BUFFER_SIZE];
int wantWrite;
/*
* Write the complete contents of the buffer. Leaving the buffer
* unflushed could cause a deadlock.
Reported by FlawFinder.
Line: 3253
Column: 21
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// Copies the raw address bytes from ipAddrStruct into ss, treating ss as an
// IPv4 or IPv6 socket address depending on the byte count.
// NOTE(review): ipAddrStruct presumably holds an IP-address entry read from a
// peer certificate, i.e. externally supplied data; its origin is outside this
// excerpt -- confirm. The declaration of ss is also not shown; this assumes it
// is large enough for a sockaddr_in6 (presumably sockaddr_storage).
if (ipAddrStruct->length == 4) {
struct sockaddr_in* sa = reinterpret_cast<struct sockaddr_in*>(&ss);
sa->sin_family = AF_INET;
// The branch condition pins the copy length to 4 bytes, the size of sin_addr,
// so the length-driven memcpy cannot write past the destination field.
memcpy(&(sa->sin_addr), ipAddrStruct->data, ipAddrStruct->length);
} else if (ipAddrStruct->length == 16) {
struct sockaddr_in6* sa = reinterpret_cast<struct sockaddr_in6*>(&ss);
sa->sin6_family = AF_INET6;
// Length is pinned to 16 bytes here, the size of sin6_addr.
memcpy(&(sa->sin6_addr), ipAddrStruct->data, ipAddrStruct->length);
}
// NOTE(review): any other length takes neither branch and leaves ss exactly as
// it was before this statement. Confirm that ss is zero-initialised and that
// the code after this point treats an unset address family as "no match".
Reported by FlawFinder.
Line: 3257
Column: 21
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
} else if (ipAddrStruct->length == 16) {
struct sockaddr_in6* sa = reinterpret_cast<struct sockaddr_in6*>(&ss);
sa->sin6_family = AF_INET6;
memcpy(&(sa->sin6_addr), ipAddrStruct->data, ipAddrStruct->length);
}
auto ipAddress =
SockAddr(reinterpret_cast<struct sockaddr*>(&ss), sizeof(ss)).getAddr();
auto swIpAddress = CIDR::parse(ipAddress);
if (swCIDRRemoteHost.isOK() && swIpAddress.isOK() &&
Reported by FlawFinder.
src/third_party/s2/util/math/exactfloat/exactfloat.cc
5 issues
Line: 324
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
str.push_back('.');
str.append(digits.begin() + 1, digits.end());
}
char exp_buf[20];
sprintf(exp_buf, "e%+02d", exp10 - 1);
str += exp_buf;
} else {
// Use fixed format. We split this into two cases depending on whether
// the integer portion is non-zero or not.
Reported by FlawFinder.
Line: 325
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
str.append(digits.begin() + 1, digits.end());
}
char exp_buf[20];
sprintf(exp_buf, "e%+02d", exp10 - 1);
str += exp_buf;
} else {
// Use fixed format. We split this into two cases depending on whether
// the integer portion is non-zero or not.
if (exp10 > 0) {
Reported by FlawFinder.
Line: 427
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
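// Returns ToString() with the precision appended in angle brackets, in the
// form "<N>" where N is the value of prec().
string ExactFloat::ToUniqueString() const {
  char prec_buf[20];
  // snprintf replaces the unbounded sprintf: the write is capped at
  // sizeof(prec_buf) and always NUL-terminated. "<%d>" needs at most 14 bytes
  // for a 32-bit int, so no truncation is expected; the bound keeps that true
  // if the format or the buffer size is changed later.
  snprintf(prec_buf, sizeof(prec_buf), "<%d>", prec());
  return ToString() + prec_buf;
}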
ExactFloat& ExactFloat::operator=(const ExactFloat& b) {
Reported by FlawFinder.
Line: 428
Column: 3
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
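// Returns ToString() with the precision appended in angle brackets, in the
// form "<N>" where N is the value of prec().
string ExactFloat::ToUniqueString() const {
  char prec_buf[20];
  // snprintf replaces the unbounded sprintf: the write is capped at
  // sizeof(prec_buf) and always NUL-terminated. "<%d>" needs at most 14 bytes
  // for a 32-bit int, so no truncation is expected; the bound keeps that true
  // if the format or the buffer size is changed later.
  snprintf(prec_buf, sizeof(prec_buf), "<%d>", prec());
  return ToString() + prec_buf;
}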
ExactFloat& ExactFloat::operator=(const ExactFloat& b) {
if (this != &b) {
Reported by FlawFinder.
Line: 390
Column: 20
CWE codes:
126
DCHECK(all_digits != NULL);
BN_free(bn);
// Check whether we have too many digits and round if necessary.
int num_digits = strlen(all_digits);
if (num_digits <= max_digits) {
*digits = all_digits;
} else {
digits->assign(all_digits, max_digits);
// Standard "printf" formatting rounds ties to an even number. This means
Reported by FlawFinder.
src/third_party/wiredtiger/test/3rdparty/testscenarios-0.4/doc/test_sample.py
5 issues
Line: 1
Column: 1
# testscenarios: extensions to python unittest to allow declarative
# dependency injection ('scenarios') by tests.
#
# Copyright (c) 2009, Robert Collins <robertc@robertcollins.net>
#
# Licensed under either the Apache License, Version 2.0 or the BSD 3-clause
# license at the users choice. A copy of both licenses are available in the
# project source as Apache-2.0 and BSD. You may not use this file except in
# compliance with one of these two licences.
Reported by Pylint.
Line: 5
Column: 2
# dependency injection ('scenarios') by tests.
#
# Copyright (c) 2009, Robert Collins <robertc@robertcollins.net>
#
# Licensed under either the Apache License, Version 2.0 or the BSD 3-clause
# license at the users choice. A copy of both licenses are available in the
# project source as Apache-2.0 and BSD. You may not use this file except in
# compliance with one of these two licences.
#
Reported by Pylint.
Line: 10
Column: 2
# license at the users choice. A copy of both licenses are available in the
# project source as Apache-2.0 and BSD. You may not use this file except in
# compliance with one of these two licences.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under these licenses is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# license you chose for the specific language governing permissions and
# limitations under that license.
Reported by Pylint.
Line: 19
Column: 1
import unittest
class TestSample(unittest.TestCase):
def test_so_easy(self):
pass
Reported by Pylint.
Line: 21
Column: 5
class TestSample(unittest.TestCase):
def test_so_easy(self):
pass
Reported by Pylint.
src/mongo/db/storage/storage_engine_metadata.cpp
5 issues
Line: 73
Column: 10
CWE codes:
362
bool fsyncFile(boost::filesystem::path path) {
invariant(path.has_filename());
File file;
file.open(path.string().c_str(), /*read-only*/ false, /*direct-io*/ false);
if (!file.is_open()) {
return false;
}
file.fsync();
return true;
Reported by FlawFinder.
Line: 236
Column: 16
CWE codes:
362
LOGV2_DEBUG(22284, 1, "flushing directory {dir_string}", "dir_string"_attr = dir.string());
int fd = ::open(dir.string().c_str(), O_RDONLY); // DO NOT THROW OR ASSERT BEFORE CLOSING
massert(13650,
str::stream() << "Couldn't open directory '" << dir.string()
<< "' for flushing: " << errnoWithDescription(),
fd >= 0);
if (fsync(fd) != 0) {
Reported by FlawFinder.
Line: 86
Column: 35
CWE codes:
120
20
std::unique_ptr<StorageEngineMetadata> metadata;
if (boost::filesystem::exists(boost::filesystem::path(dbpath) / kMetadataBasename)) {
metadata.reset(new StorageEngineMetadata(dbpath));
Status status = metadata->read();
if (!status.isOK()) {
LOGV2_FATAL_NOTRACE(28661,
"Unable to read the storage engine metadata file: {error}",
"Unable to read the storage engine metadata file",
"error"_attr = status);
Reported by FlawFinder.
Line: 134
Column: 31
CWE codes:
120
20
_storageEngineOptions = storageEngineOptions.getOwned();
}
Status StorageEngineMetadata::read() {
reset();
boost::filesystem::path metadataPath = boost::filesystem::path(_dbpath) / kMetadataBasename;
if (!boost::filesystem::exists(metadataPath)) {
Reported by FlawFinder.
Line: 166
Column: 13
CWE codes:
120
20
}
// Read BSON from file
ifs.read(&buffer[0], buffer.size());
if (!ifs) {
return Status(ErrorCodes::FileStreamFailed,
str::stream()
<< "Unable to read BSON data from " << metadataPath.string());
}
Reported by FlawFinder.