The following issues were found
src/third_party/mozjs-60/extract/js/src/vm/Printer.cpp
5 issues
Line: 69
Column: 17
CWE codes:
134
Suggestion:
Use a constant for the format specification
}
bool
GenericPrinter::printf(const char* fmt, ...)
{
va_list va;
va_start(va, fmt);
bool r = vprintf(fmt, va);
va_end(va);
Reported by FlawFinder.
Line: 73
Column: 14
CWE codes:
134
Suggestion:
Use a constant for the format specification
{
va_list va;
va_start(va, fmt);
bool r = vprintf(fmt, va);
va_end(va);
return r;
}
bool
Reported by FlawFinder.
Line: 79
Column: 17
CWE codes:
134
Suggestion:
Use a constant for the format specification
}
bool
GenericPrinter::vprintf(const char* fmt, va_list ap)
{
// Simple shortcut to avoid allocating strings.
if (strchr(fmt, '%') == nullptr)
return put(fmt);
Reported by FlawFinder.
Line: 273
Column: 14
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list ap;
va_start(ap, format);
bool r = vprintf(format, ap);
va_end(ap);
return r;
}
Reported by FlawFinder.
Line: 414
Column: 13
CWE codes:
362
Fprinter::init(const char* path)
{
// Opens `path` for writing and stores the stream in file_. Returns false if
// fopen() fails, otherwise sets init_ and returns true. The return-type line
// of this definition lies outside the excerpt.
//
// NOTE(review): the CWE-362 finding is FlawFinder's generic warning on
// fopen(). Mode "w" truncates an existing file and follows symbolic links, so
// the real exposure depends on who controls `path` and the directory it names.
// Neither is visible here; confirm against the callers before triaging.
// MOZ_ASSERT is an assertion macro (debug builds only in Mozilla code), so it
// documents the "not already open" precondition rather than enforcing it.
MOZ_ASSERT(!file_);
file_ = fopen(path, "w");
if (!file_)
return false;
init_ = true;
return true;
}
Reported by FlawFinder.
src/mongo/db/ftdc/file_manager_test.cpp
5 issues
Line: 60
class FTDCFileManagerTest : public ServiceContextTest {};
// Test a full buffer
TEST_F(FTDCFileManagerTest, TestFull) {
Client* client = &cc();
FTDCConfig c;
c.maxFileSizeBytes = 300;
c.maxDirectorySizeBytes = 1000;
c.maxSamplesPerInterimMetricChunk = 1;
Reported by Cppcheck.
Line: 132
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
void ValidateInterimFileHasData(const boost::filesystem::path& dir, bool hasData) {
char buf[sizeof(std::int32_t)];
auto interimFile = FTDCUtil::getInterimFile(dir);
ASSERT_EQUALS(boost::filesystem::exists(interimFile), hasData);
if (!hasData) {
Reported by FlawFinder.
Line: 316
Column: 26
CWE codes:
362
{
FTDCFileWriter writer(&c);
ASSERT_OK(writer.open(fileOut));
ASSERT_OK(writer.writeMetadata(mdoc1, Date_t()));
ASSERT_OK(writer.writeSample(sdoc1, Date_t()));
ASSERT_OK(writer.writeSample(sdoc1, Date_t()));
Reported by FlawFinder.
Line: 142
Column: 12
CWE codes:
120
20
}
std::fstream stream(interimFile.c_str());
stream.read(&buf[0], sizeof(buf));
ASSERT_EQUALS(4, stream.gcount());
std::uint32_t bsonLength = ConstDataView(buf).read<LittleEndian<std::int32_t>>();
ASSERT_EQUALS(static_cast<bool>(bsonLength), hasData);
Reported by FlawFinder.
Line: 145
Column: 51
CWE codes:
120
20
stream.read(&buf[0], sizeof(buf));
ASSERT_EQUALS(4, stream.gcount());
std::uint32_t bsonLength = ConstDataView(buf).read<LittleEndian<std::int32_t>>();
ASSERT_EQUALS(static_cast<bool>(bsonLength), hasData);
}
// Test a normal restart
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/vm/JSScript.cpp
5 issues
Line: 3369
return script->offsetToPC(offset);
}
JS_FRIEND_API(unsigned)
js::GetScriptLineExtent(JSScript* script)
{
unsigned lineno = script->lineno();
unsigned maxLineNo = lineno;
for (jssrcnote* sn = script->notes(); !SN_IS_TERMINATOR(sn); sn = SN_NEXT(sn)) {
Reported by Cppcheck.
Line: 2321
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// (JS_smprintf would be perfect, as that allocates the result
// dynamically as it formats the string, but it won't allocate from cx,
// and wants us to use a special free function.)
char linenoBuf[15];
size_t filenameLen = strlen(filename);
size_t linenoLen = SprintfLiteral(linenoBuf, "%u", lineno);
size_t introducerLen = strlen(introducer);
size_t len = filenameLen +
6 /* == strlen(" line ") */ +
Reported by FlawFinder.
Line: 3589
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
dst->dataSize_ = size;
MOZ_ASSERT(bool(dst->data) == bool(src->data));
if (dst->data)
memcpy(dst->data, src->data, size);
if (cx->zone() != src->zoneFromAnyThread()) {
for (size_t i = 0; i < src->scriptData()->natoms(); i++)
cx->markAtom(src->scriptData()->atoms()[i]);
}
Reported by FlawFinder.
Line: 2322
Column: 26
CWE codes:
126
// dynamically as it formats the string, but it won't allocate from cx,
// and wants us to use a special free function.)
char linenoBuf[15];
size_t filenameLen = strlen(filename);
size_t linenoLen = SprintfLiteral(linenoBuf, "%u", lineno);
size_t introducerLen = strlen(introducer);
size_t len = filenameLen +
6 /* == strlen(" line ") */ +
linenoLen +
Reported by FlawFinder.
Line: 2324
Column: 28
CWE codes:
126
char linenoBuf[15];
size_t filenameLen = strlen(filename);
size_t linenoLen = SprintfLiteral(linenoBuf, "%u", lineno);
size_t introducerLen = strlen(introducer);
size_t len = filenameLen +
6 /* == strlen(" line ") */ +
linenoLen +
3 /* == strlen(" > ") */ +
introducerLen +
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/vm/SavedStacks.cpp
5 issues
Line: 651
return GetFirstMatchedFrame(cx, SavedFrameSubsumedByCaller, frame, selfHosted, skippedAsync);
}
JS_FRIEND_API(JSObject*)
GetFirstSubsumedSavedFrame(JSContext* cx, HandleObject savedFrame,
JS::SavedFrameSelfHosted selfHosted)
{
if (!savedFrame)
return nullptr;
Reported by Cppcheck.
Line: 1482
Column: 66
CWE codes:
126
// Atomize the async cause string. There should only be a few
// different strings used.
const char* cause = activation.asyncCause();
RootedAtom causeAtom(cx, AtomizeUTF8Chars(cx, cause, strlen(cause)));
if (!causeAtom)
return false;
// Translate our capture into a frame count limit for
// adoptAsyncStack, which will impose further limits.
Reported by FlawFinder.
Line: 1708
Column: 55
CWE codes:
126
locationp.setSource(AtomizeChars(cx, displayURL, js_strlen(displayURL)));
} else {
const char* filename = iter.filename() ? iter.filename() : "";
locationp.setSource(Atomize(cx, filename, strlen(filename)));
}
if (!locationp.source())
return false;
uint32_t column = 0;
Reported by FlawFinder.
Line: 1734
Column: 44
CWE codes:
126
source = AtomizeChars(cx, displayURL, js_strlen(displayURL));
} else {
const char* filename = script->filename() ? script->filename() : "";
source = Atomize(cx, filename, strlen(filename));
}
if (!source)
return false;
uint32_t column;
Reported by FlawFinder.
Line: 1838
Column: 30
CWE codes:
126
return UTF8CharsZ();
char* chars = JS_EncodeStringToUTF8(cx, stackStr);
return UTF8CharsZ(chars, strlen(chars));
}
} /* namespace js */
namespace JS {
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/vm/CharacterEncoding.cpp
5 issues
Line: 71
return nbytes;
}
JS_PUBLIC_API(size_t)
JS::GetDeflatedUTF8StringLength(JSFlatString* s)
{
JS::AutoCheckCannotGC nogc;
return s->hasLatin1Chars()
? ::GetDeflatedUTF8StringLength(s->latin1Chars(nogc), s->length())
Reported by Cppcheck.
Line: 231
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
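/*
 * Report JSMSG_MALFORMED_UTF8_CHAR on cx, passing |offset| formatted in
 * decimal as the message argument.
 */
static void
ReportInvalidCharacter(JSContext* cx, uint32_t offset)
{
    // A uint32_t prints as up to 10 decimal digits, so 11 bytes are needed
    // including the terminating NUL. With the previous 10-byte buffer any
    // offset >= 1000000000 lost its last digit in the error message.
    // SprintfLiteral is bounded by the array size (mozilla/Sprintf.h), so the
    // old size truncated rather than overflowed; the FlawFinder CWE-119/120
    // finding on the fixed-size array is therefore about sizing, not a write
    // past the end.
    char buffer[11];
    SprintfLiteral(buffer, "%u", offset);
    JS_ReportErrorFlagsAndNumberASCII(cx, JSREPORT_ERROR, GetErrorMessage, nullptr,
                                      JSMSG_MALFORMED_UTF8_CHAR, buffer);
}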
Reported by FlawFinder.
Line: 246
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
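/*
 * Report JSMSG_UTF8_CHAR_TOO_LARGE on cx, passing |v + 0x10000| formatted as
 * "0x"-prefixed hexadecimal as the message argument.
 */
static void
ReportTooBigCharacter(JSContext* cx, uint32_t v)
{
    // The formatted value is a uint32_t: "0x" plus up to 8 hex digits plus the
    // terminating NUL is 11 bytes. The previous 10-byte buffer dropped the
    // last digit for values >= 0x10000000. SprintfLiteral is bounded by the
    // array size (mozilla/Sprintf.h), so the old size truncated the message
    // rather than writing past the array.
    char buffer[11];
    SprintfLiteral(buffer, "0x%x", v + 0x10000);
    JS_ReportErrorFlagsAndNumberASCII(cx, JSREPORT_ERROR, GetErrorMessage, nullptr,
                                      JSMSG_UTF8_CHAR_TOO_LARGE, buffer);
}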
Reported by FlawFinder.
Line: 431
Column: 35
CWE codes:
126
// Wraps the C string held by |utf8| in a UTF8Chars range and passes it, with
// |cx| and |outlen|, to InflateUTF8StringHelper instantiated with the
// CountAndReportInvalids policy; the helper's result is returned unchanged.
//
// NOTE(review): CWE-126 is FlawFinder's generic strlen() warning. The length
// comes only from scanning for the terminator, so the call is safe exactly
// when utf8.c_str() is NUL-terminated. The ConstUTF8CharsZ name suggests that
// is the type's contract; confirm in its definition, which is not shown here.
TwoByteCharsZ
JS::UTF8CharsToNewTwoByteCharsZ(JSContext* cx, const ConstUTF8CharsZ& utf8, size_t* outlen)
{
// c_str() is read twice: once for the start pointer, once to measure the length.
UTF8Chars chars(utf8.c_str(), strlen(utf8.c_str()));
return InflateUTF8StringHelper<CountAndReportInvalids, TwoByteCharsZ>(cx, chars, outlen);
}
TwoByteCharsZ
JS::LossyUTF8CharsToNewTwoByteCharsZ(JSContext* cx, const JS::UTF8Chars utf8, size_t* outlen)
Reported by FlawFinder.
Line: 444
Column: 35
CWE codes:
126
// Wraps the C string held by |utf8| in a UTF8Chars range and passes it, with
// |cx| and |outlen|, to InflateUTF8StringHelper instantiated with the
// CountAndIgnoreInvalids policy; the helper's result is returned unchanged.
// (Presumably the "lossy" variant tolerates malformed input instead of
// reporting it; the policy's definition is outside this excerpt.)
//
// NOTE(review): CWE-126 is FlawFinder's generic strlen() warning. The length
// comes only from scanning for the terminator, so the call is safe exactly
// when utf8.c_str() is NUL-terminated. The ConstUTF8CharsZ name suggests that
// is the type's contract; confirm in its definition, which is not shown here.
TwoByteCharsZ
JS::LossyUTF8CharsToNewTwoByteCharsZ(JSContext* cx, const JS::ConstUTF8CharsZ& utf8, size_t* outlen)
{
// c_str() is read twice: once for the start pointer, once to measure the length.
UTF8Chars chars(utf8.c_str(), strlen(utf8.c_str()));
return InflateUTF8StringHelper<CountAndIgnoreInvalids, TwoByteCharsZ>(cx, chars, outlen);
}
JS::SmallestEncoding
JS::FindSmallestEncoding(UTF8Chars utf8)
Reported by FlawFinder.
src/mongo/db/free_mon/free_mon_processor.cpp
5 issues
Line: 70
Column: 36
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
constexpr auto kMetricsRequestArrayElement = "data"_sd;
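/**
 * Returns a pseudo-random value in [min, max) derived from a single draw of 'random'.
 *
 * Requires max > min (checked with dassert). The result is a plain modulo
 * reduction, so it is not perfectly uniform.
 *
 * NOTE(review): FlawFinder's CWE-327 finding asks for a cryptographic source. That only matters
 * if the value must be unpredictable to an adversary; presumably this is scheduling jitter and
 * a PseudoRandom is adequate. Confirm against the callers.
 */
int64_t randomJitter(PseudoRandom& random, int64_t min, int64_t max) {
    dassert(max > min);

    // Reduce before taking the magnitude. std::abs() of the most negative int64_t overflows
    // (undefined behaviour, typically a negative result that lands below 'min'). The remainder
    // is always smaller in magnitude than (max - min), so std::abs() on it cannot overflow.
    // For every other draw this equals std::abs(draw) % (max - min).
    const int64_t remainder = random.nextInt64() % (max - min);
    return std::abs(remainder) + min;
}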
} // namespace
Reported by FlawFinder.
Line: 72
Column: 22
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
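/**
 * Returns a pseudo-random value in [min, max) derived from a single draw of 'random'.
 *
 * Requires max > min (checked with dassert). The result is a plain modulo
 * reduction, so it is not perfectly uniform.
 *
 * NOTE(review): FlawFinder's CWE-327 finding asks for a cryptographic source. That only matters
 * if the value must be unpredictable to an adversary; presumably this is scheduling jitter and
 * a PseudoRandom is adequate. Confirm against the callers.
 */
int64_t randomJitter(PseudoRandom& random, int64_t min, int64_t max) {
    dassert(max > min);

    // Reduce before taking the magnitude. std::abs() of the most negative int64_t overflows
    // (undefined behaviour, typically a negative result that lands below 'min'). The remainder
    // is always smaller in magnitude than (max - min), so std::abs() on it cannot overflow.
    // For every other draw this equals std::abs(draw) % (max - min).
    const int64_t remainder = random.nextInt64() % (max - min);
    return std::abs(remainder) + min;
}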
} // namespace
void RegistrationRetryCounter::reset() {
Reported by FlawFinder.
Line: 276
Column: 34
CWE codes:
120
20
}
void FreeMonProcessor::readState(OperationContext* opCtx, bool updateInMemory) {
auto state = FreeMonStorage::read(opCtx);
_lastReadState = state;
if (state.is_initialized()) {
invariant(state.get().getVersion() == kStorageVersion);
Reported by FlawFinder.
Line: 316
Column: 42
CWE codes:
120
20
{
auto optCtx = client->makeOperationContext();
auto state = FreeMonStorage::read(optCtx.get());
// If our in-memory copy matches the last read, then write it to disk
if (state == _lastReadState) {
FreeMonStorage::replace(optCtx.get(), _state.get());
Reported by FlawFinder.
Line: 349
Column: 38
CWE codes:
120
20
auto optCtx = client->makeOperationContext();
// Check if there is an existing document
auto state = FreeMonStorage::read(optCtx.get());
// If there is no document, we may be:
// 1. in a replica set and may need to register after becoming primary since we cannot
// record the registration id until after becoming primary
// 2. a standalone which has never been registered
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/jsexn.cpp
5 issues
Line: 833
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!filename) {
filename = "FILE_NOT_FOUND";
}
char histogramKey[64];
SprintfLiteral(histogramKey, "%s %s %s %u",
addonIdChars.get(),
funname,
filename,
(reportp ? reportp->lineno : 0) );
Reported by FlawFinder.
Line: 286
Column: 46
CWE codes:
126
JS_STATIC_ASSERT(sizeof(T) % sizeof(const char*) == 0);
JS_STATIC_ASSERT(sizeof(const char*) % sizeof(char16_t) == 0);
size_t filenameSize = report->filename ? strlen(report->filename) + 1 : 0;
size_t messageSize = 0;
if (report->message())
messageSize = strlen(report->message().c_str()) + 1;
/*
Reported by FlawFinder.
Line: 289
Column: 23
CWE codes:
126
size_t filenameSize = report->filename ? strlen(report->filename) + 1 : 0;
size_t messageSize = 0;
if (report->message())
messageSize = strlen(report->message().c_str()) + 1;
/*
* The mallocSize can not overflow since it represents the sum of the
* sizes of already allocated objects.
*/
Reported by FlawFinder.
Line: 1007
Column: 60
CWE codes:
126
return false;
}
} else {
toStringResult_ = JS::ConstUTF8CharsZ(utf8Message, strlen(utf8Message));
/* Flag the error as an exception. */
reportp->flags |= JSREPORT_EXCEPTION;
}
return true;
Reported by FlawFinder.
Line: 1136
Column: 27
CWE codes:
126
s = "the typed array ";
else
s = "the object ";
if (!sb.append(s, strlen(s)))
return "<<error converting value to string>>";
} else if (val.isNumber()) {
if (!sb.append("the number "))
return "<<error converting value to string>>";
} else if (val.isString()) {
Reported by FlawFinder.
src/third_party/wiredtiger/test/3rdparty/discover-0.4.0/setup.py
5 issues
Line: 10
Column: 1
# This software is licensed under the terms of the BSD license.
# http://www.voidspace.org.uk/python/license.shtml
import sys
from distutils.core import setup
from discover import __version__ as VERSION
NAME = 'discover'
Reported by Pylint.
Line: 59
Column: 5
try:
from setuptools import setup
except ImportError:
from distutils.core import setup
else:
params.update(dict(
entry_points = {
Reported by Pylint.
Line: 61
Column: 5
try:
from setuptools import setup
except ImportError:
from distutils.core import setup
else:
params.update(dict(
entry_points = {
'console_scripts': [
'discover = discover:main',
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
# setup.py
# Install script for discover.py
# Copyright (C) 2009-2010 Michael Foord
# E-mail: michael AT voidspace DOT org DOT uk
# This software is licensed under the terms of the BSD license.
# http://www.voidspace.org.uk/python/license.shtml
Reported by Pylint.
Line: 74
Column: 1
setup(**params)
Reported by Pylint.
src/third_party/mozjs-60/extract/js/src/jit/OptimizationTracking.cpp
5 issues
Line: 90
return VectorContentsMatch(&attempts_, &other);
}
JS_PUBLIC_API(const char*)
JS::TrackedStrategyString(TrackedStrategy strategy)
{
switch (strategy) {
#define STRATEGY_CASE(name) \
case TrackedStrategy::name: \
Reported by Cppcheck.
Line: 1234
Column: 17
CWE codes:
134
Suggestion:
Use a constant for the format specification
char locationBuf[20];
if (!name) {
uintptr_t addr = JS_FUNC_TO_DATA_PTR(uintptr_t, fun->native());
snprintf(locationBuf, mozilla::ArrayLength(locationBuf), "%" PRIxPTR, addr);
}
op_.readType("native", name, name ? nullptr : locationBuf, Nothing());
return;
}
Reported by FlawFinder.
Line: 876
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return;
}
char buf[512];
if (constructor->displayAtom())
PutEscapedString(buf, 512, constructor->displayAtom(), 0);
else
snprintf(buf, mozilla::ArrayLength(buf), "??");
Reported by FlawFinder.
Line: 1199
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return;
}
char buf[512];
const uint32_t bufsize = mozilla::ArrayLength(buf);
if (JSFunction* fun = FunctionFromTrackedType(tracked)) {
// The displayAtom is useful for identifying both native and
// interpreted functions.
Reported by FlawFinder.
Line: 1231
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// if (dladdr(addr, &info) != 0)
// offset = uintptr_t(addr) - uintptr_t(info.dli_fbase);
//
char locationBuf[20];
if (!name) {
uintptr_t addr = JS_FUNC_TO_DATA_PTR(uintptr_t, fun->native());
snprintf(locationBuf, mozilla::ArrayLength(locationBuf), "%" PRIxPTR, addr);
}
op_.readType("native", name, name ? nullptr : locationBuf, Nothing());
Reported by FlawFinder.
src/third_party/wiredtiger/src/utilities/util_load_json.c
5 issues
Line: 218
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
size_t gotnolen, keystrlen;
uint64_t gotno, recno;
int nfield, nkeys, toktype, tret;
char config[64], *endp, *uri;
const char *keyformat;
bool isrec;
cursor = NULL;
uri = NULL;
Reported by FlawFinder.
Line: 53
Column: 27
CWE codes:
126
static int json_top_level(WT_SESSION *, JSON_INPUT_STATE *, uint32_t);
#define JSON_STRING_MATCH(ins, match) \
((ins)->toklen - 2 == strlen(match) && \
strncmp((ins)->tokstart + 1, (match), (ins)->toklen - 2) == 0)
#define JSON_INPUT_POS(ins) ((size_t)((ins)->p - (const char *)(ins)->line.mem))
#define JSON_EXPECT(session, ins, tok) \
Reported by FlawFinder.
Line: 149
Column: 20
CWE codes:
126
char *tmp;
if (len > 0) {
needsize = strlen(ins->kvraw) + len + 2;
if ((tmp = malloc(needsize)) == NULL)
return (util_err(session, errno, NULL));
WT_ERR(__wt_snprintf(tmp, needsize, "%s %.*s", ins->kvraw, (int)len, str));
free(ins->kvraw);
ins->kvraw = tmp;
Reported by FlawFinder.
Line: 288
Column: 29
CWE codes:
126
curpos - ins->kvrawstart)) != 0)
goto err;
ins->kvrawstart = curpos;
keystrlen = strlen(ins->kvraw);
}
if (json_peek(session, ins) != ',')
break;
JSON_EXPECT(session, ins, ',');
if (json_peek(session, ins) != 's')
Reported by FlawFinder.
Line: 472
Column: 23
CWE codes:
126
break;
if (ins->kvraw != NULL) {
if (json_kvraw_append(session, ins, (char *)ins->line.mem + ins->kvrawstart,
strlen(ins->line.mem) - ins->kvrawstart)) {
ret = -1;
goto err;
}
ins->kvrawstart = 0;
}
Reported by FlawFinder.