The following issues were found
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Tool/aixcc.py
5 issues
Line: 39
Column: 1
import SCons.Platform.aix
from . import cc
packages = ['vac.C', 'ibmcxx.cmp']
def get_xlc(env):
xlc = env.get('CC', 'xlc')
Reported by Pylint.
Line: 63
Column: 16
env['CCVERSION'] = version
def exists(env):
path, _cc, version = get_xlc(env)
if path and _cc:
xlc = os.path.join(path, _cc)
if os.path.exists(xlc):
return xlc
return None
Reported by Pylint.
Line: 33
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
__revision__ = "src/engine/SCons/Tool/aixcc.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import os.path
import SCons.Platform.aix
Reported by Pylint.
Line: 43
Column: 1
packages = ['vac.C', 'ibmcxx.cmp']
def get_xlc(env):
xlc = env.get('CC', 'xlc')
return SCons.Platform.aix.get_xlc(env, xlc, packages)
def generate(env):
"""Add Builders and construction variables for xlc / Visual Age
Reported by Pylint.
Line: 62
Column: 1
if version:
env['CCVERSION'] = version
def exists(env):
path, _cc, version = get_xlc(env)
if path and _cc:
xlc = os.path.join(path, _cc)
if os.path.exists(xlc):
return xlc
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_txn20.py
5 issues
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 36
Column: 1
import wttest
from wtscenario import make_scenarios
class test_txn20(wttest.WiredTigerTestCase):
uri = 'table:test_txn'
key_format_values = [
('string-row', dict(key_format='S', key='key')),
('column', dict(key_format='r', key=12)),
Reported by Pylint.
Line: 36
Column: 1
import wttest
from wtscenario import make_scenarios
class test_txn20(wttest.WiredTigerTestCase):
uri = 'table:test_txn'
key_format_values = [
('string-row', dict(key_format='S', key='key')),
('column', dict(key_format='r', key=12)),
Reported by Pylint.
Line: 52
Column: 5
old_value = 'value: old'
new_value = 'value: new'
def test_isolation_level(self):
self.session.create(self.uri, 'key_format={},value_format=S'.format(self.key_format))
cursor = self.session.open_cursor(self.uri, None)
cursor[self.key] = self.old_value
# Make an update and don't commit it just yet. We should see the update
Reported by Pylint.
Line: 62
Column: 9
self.session.begin_transaction()
cursor[self.key] = self.new_value
s = self.conn.open_session()
cursor = s.open_cursor(self.uri, None)
s.begin_transaction('isolation=' + self.isolation)
if self.isolation == 'read-uncommitted':
# Unlike the 'read-committed' and 'snapshot' isolation levels, we're
Reported by Pylint.
src/third_party/icu4c-57.1/source/i18n/dtptngen.cpp
5 issues
Line: 242
static const char DT_DateTimeAvailableFormatsTag[]="availableFormats";
//static const UnicodeString repeatedPattern=UnicodeString(repeatedPatterns);
UOBJECT_DEFINE_RTTI_IMPLEMENTATION(DateTimePatternGenerator)
UOBJECT_DEFINE_RTTI_IMPLEMENTATION(DTSkeletonEnumeration)
UOBJECT_DEFINE_RTTI_IMPLEMENTATION(DTRedundantEnumeration)
DateTimePatternGenerator* U_EXPORT2
DateTimePatternGenerator::createInstance(UErrorCode& status) {
Reported by Cppcheck.
Line: 556
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (U_FAILURE(status)) { return; }
const char *localeID = locale.getName();
char maxLocaleID[ULOC_FULLNAME_CAPACITY];
int32_t length = uloc_addLikelySubtags(localeID, maxLocaleID, ULOC_FULLNAME_CAPACITY, &status);
if (U_FAILURE(status)) {
return;
} else if (length == ULOC_FULLNAME_CAPACITY) { // no room for NUL
status = U_BUFFER_OVERFLOW_ERROR;
Reported by FlawFinder.
Line: 756
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
const char *curLocaleName=ures_getLocaleByType(rb, ULOC_ACTUAL_LOCALE, &err);
const char * calendarTypeToUse = DT_DateTimeGregorianTag; // initial default
char calendarType[ULOC_KEYWORDS_CAPACITY]; // to be filled in with the type to use, if all goes well
if ( U_SUCCESS(err) ) {
char localeWithCalendarKey[ULOC_LOCALE_IDENTIFIER_CAPACITY];
// obtain a locale that always has the calendar key value that should be used
(void)ures_getFunctionalEquivalent(localeWithCalendarKey, ULOC_LOCALE_IDENTIFIER_CAPACITY, NULL,
"calendar", "calendar", locale.getName(), NULL, FALSE, &err);
Reported by FlawFinder.
Line: 758
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char * calendarTypeToUse = DT_DateTimeGregorianTag; // initial default
char calendarType[ULOC_KEYWORDS_CAPACITY]; // to be filled in with the type to use, if all goes well
if ( U_SUCCESS(err) ) {
char localeWithCalendarKey[ULOC_LOCALE_IDENTIFIER_CAPACITY];
// obtain a locale that always has the calendar key value that should be used
(void)ures_getFunctionalEquivalent(localeWithCalendarKey, ULOC_LOCALE_IDENTIFIER_CAPACITY, NULL,
"calendar", "calendar", locale.getName(), NULL, FALSE, &err);
localeWithCalendarKey[ULOC_LOCALE_IDENTIFIER_CAPACITY-1] = 0; // ensure null termination
// now get the calendar key value from that locale
Reported by FlawFinder.
Line: 894
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// uloc_getParent on the actual locale name)
// (It would be nice to have a ures function that did this...)
err = U_ZERO_ERROR;
char parentLocale[ULOC_FULLNAME_CAPACITY];
int32_t locNameLen;
const UChar * parentUName = ures_getStringByKey(rb, "%%Parent", &locNameLen, &err);
if (U_SUCCESS(err) && err != U_USING_FALLBACK_WARNING && locNameLen < ULOC_FULLNAME_CAPACITY) {
u_UCharsToChars(parentUName, parentLocale, locNameLen + 1);
} else {
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/i18n/decNumber.c
5 issues
Line: 7933
Column: 11
CWE codes:
134
Suggestion:
Use a constant for the format specification
printf(" :%c: ", name);
for (i=len-1; i>=0; i--) {
if (i==len-1) printf("%ld ", (LI)ar[i]);
else printf(spec, ar[i]);
}
printf("\n");
return;}
#endif
Reported by FlawFinder.
Line: 3671
Column: 7
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
}
if (dn->bits&DECSPECIAL) { /* Is a special value */
if (decNumberIsInfinite(dn)) {
strcpy(c, "Inf");
strcpy(c+3, "inity");
return;}
/* a NaN */
if (dn->bits&DECSNAN) { /* signalling NaN */
*c='s';
Reported by FlawFinder.
Line: 3672
Column: 7
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (dn->bits&DECSPECIAL) { /* Is a special value */
if (decNumberIsInfinite(dn)) {
strcpy(c, "Inf");
strcpy(c+3, "inity");
return;}
/* a NaN */
if (dn->bits&DECSNAN) { /* signalling NaN */
*c='s';
c++;
Reported by FlawFinder.
Line: 3679
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
*c='s';
c++;
}
strcpy(c, "NaN");
c+=3; /* step past */
/* if not a clean non-zero coefficient, that's all there is in a */
/* NaN string */
if (exp!=0 || (*dn->lsu==0 && dn->digits==1)) return;
/* [drop through to add integer] */
Reported by FlawFinder.
Line: 3661
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
#if DECCHECK
if (decCheckOperands(DECUNRESU, dn, DECUNUSED, DECUNCONT)) {
strcpy(string, "?");
return;}
#endif
if (decNumberIsNegative(dn)) { /* Negatives get a minus */
*c='-';
Reported by FlawFinder.
src/mongo/bson/bsonelement.cpp
5 issues
Line: 694
Column: 51
CWE codes:
120
20
BSONObj BSONElement::codeWScopeObject() const {
verify(type() == CodeWScope);
int strSizeWNull = ConstDataView(value() + 4).read<LittleEndian<int>>();
return BSONObj(value() + 4 + 4 + strSizeWNull);
}
// wrap this element up as a singleton object.
BSONObj BSONElement::wrap() const {
Reported by FlawFinder.
Line: 823
Column: 57
CWE codes:
120
20
return sizeInfo.bytes + fieldNameSize;
if (MONGO_likely(sizeInfo.style == SizeStyle::kIntPlusFixed))
return sizeInfo.bytes + fieldNameSize +
ConstDataView(elem + fieldNameSize + 1).read<LittleEndian<int32_t>>();
}
// The following code handles all special cases: MinKey, MaxKey, RegEx and invalid types.
if (type == MaxKey || type == MinKey)
return fieldNameSize + 1;
Reported by FlawFinder.
Line: 834
Column: 19
CWE codes:
126
// RegEx is two c-strings back-to-back.
const char* p = elem + fieldNameSize + 1;
size_t len1 = strlen(p);
p = p + len1 + 1;
size_t len2 = strlen(p);
return (len1 + 1 + len2 + 1) + fieldNameSize + 1;
}
Reported by FlawFinder.
Line: 836
Column: 19
CWE codes:
126
const char* p = elem + fieldNameSize + 1;
size_t len1 = strlen(p);
p = p + len1 + 1;
size_t len2 = strlen(p);
return (len1 + 1 + len2 + 1) + fieldNameSize + 1;
}
std::string BSONElement::toString(bool includeFieldName, bool full) const {
StringBuilder s;
Reported by FlawFinder.
Line: 988
Column: 58
CWE codes:
120
20
return std::string(valuestr(), valuestrsize() - 1);
case CodeWScope:
return std::string(codeWScopeCode(),
ConstDataView(valuestr()).read<LittleEndian<int>>() - 1);
default:
LOGV2(20100, "can't convert type: {int_type} to code", "int_type"_attr = (int)(type()));
}
uassert(10062, "not code", 0);
return "";
Reported by FlawFinder.
src/mongo/db/exec/sbe/parser/parser.cpp
5 issues
Line: 861
CWE codes:
908
MONGO_UNREACHABLE
}
const auto forward = (ast.nodes[forwardPos]->token == "true") ? true : false;
auto [indexKeysInclusion, vars] =
lookupIndexKeyRenames(ast.nodes[projectsPos]->renames, ast.nodes[projectsPos]->indexKeys);
ast.stage = makeS<IndexScanStage>(getCollectionUuid(collName),
Reported by Cppcheck.
Line: 921
CWE codes:
908
MONGO_UNREACHABLE
}
const auto forward = (ast.nodes[forwardPos]->token == "true") ? true : false;
auto [indexKeysInclusion, vars] =
lookupIndexKeyRenames(ast.nodes[projectsPos]->renames, ast.nodes[projectsPos]->indexKeys);
ast.stage = makeS<IndexScanStage>(getCollectionUuid(collName),
Reported by Cppcheck.
Line: 1000
Column: 51
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
}
uassert(ErrorCodes::FailedToParse,
"Union output values and input values mismatch",
std::all_of(
inputVals.begin(), inputVals.end(), [size = outputVals.size()](const auto& slots) {
return slots.size() == size;
}));
Reported by FlawFinder.
Line: 1039
Column: 57
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
}
uassert(ErrorCodes::FailedToParse,
"SortedMerge output values and input values mismatch",
std::all_of(
inputVals.begin(), inputVals.end(), [size = outputVals.size()](const auto& slots) {
return slots.size() == size;
}));
uassert(ErrorCodes::FailedToParse,
Reported by FlawFinder.
Line: 1045
Column: 36
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
return slots.size() == size;
}));
uassert(ErrorCodes::FailedToParse,
"SortedMerge dirs/keys mismatch",
std::all_of(inputKeys.begin(),
inputKeys.end(),
[size = dirs.size()](const auto& slots) { return slots.size() == size; }));
ast.stage = makeS<SortedMergeStage>(std::move(inputStages),
Reported by FlawFinder.
src/third_party/wiredtiger/src/conn/conn_api.c
5 issues
Line: 938
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_DECL_RET;
WT_DLH *dlh;
int (*load)(WT_CONNECTION *, WT_CONFIG_ARG *);
const char *ext_cfg[2];
const char *ext_config, *init_name, *terminate_name;
bool is_local;
dlh = NULL;
ext_config = init_name = terminate_name = NULL;
Reported by FlawFinder.
Line: 1697
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_FH *fh;
wt_off_t size;
size_t len;
char buf[256];
bool bytelock, exist, is_create, match;
conn = S2C(session);
fh = NULL;
Reported by FlawFinder.
Line: 2476
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_SESSION_IMPL *session;
bool config_base_set, try_salvage, verify_meta;
const char *enc_cfg[] = {NULL, NULL}, *merge_cfg;
char version[64];
#if 0
/* FIXME-WT-6263: Temporarily disable history store verification. */
WT_SESSION_IMPL *verify_session;
#endif
Reported by FlawFinder.
Line: 1815
Column: 29
CWE codes:
126
*/
#define WT_SINGLETHREAD_STRING "WiredTiger lock file\n"
WT_ERR(__wt_filesize(session, conn->lock_fh, &size));
if ((size_t)size != strlen(WT_SINGLETHREAD_STRING))
WT_ERR(__wt_write(session, conn->lock_fh, (wt_off_t)0, strlen(WT_SINGLETHREAD_STRING),
WT_SINGLETHREAD_STRING));
}
/* We own the lock file, optionally create the WiredTiger file. */
Reported by FlawFinder.
Line: 1816
Column: 68
CWE codes:
126
#define WT_SINGLETHREAD_STRING "WiredTiger lock file\n"
WT_ERR(__wt_filesize(session, conn->lock_fh, &size));
if ((size_t)size != strlen(WT_SINGLETHREAD_STRING))
WT_ERR(__wt_write(session, conn->lock_fh, (wt_off_t)0, strlen(WT_SINGLETHREAD_STRING),
WT_SINGLETHREAD_STRING));
}
/* We own the lock file, optionally create the WiredTiger file. */
ret = __wt_open(
Reported by FlawFinder.
src/third_party/wiredtiger/src/btree/bt_io.c
5 issues
Line: 94
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* markers in the stream to signal the end of the compressed bytes. Those engines must store
* the compressed byte length somehow, see the snappy compression extension for an example.
*/
memcpy(buf->mem, ip->data, WT_BLOCK_COMPRESS_SKIP);
ret = btree->compressor->decompress(btree->compressor, &session->iface,
(uint8_t *)ip->data + WT_BLOCK_COMPRESS_SKIP, tmp->size - WT_BLOCK_COMPRESS_SKIP,
(uint8_t *)buf->mem + WT_BLOCK_COMPRESS_SKIP, dsk->mem_size - WT_BLOCK_COMPRESS_SKIP,
&result_len);
Reported by FlawFinder.
Line: 197
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (compressed) {
WT_ERR(__wt_scr_alloc(session, dsk->mem_size, &ctmp));
memcpy(ctmp->mem, buf->data, WT_BLOCK_COMPRESS_SKIP);
WT_ERR(btree->compressor->decompress(btree->compressor, &session->iface,
(uint8_t *)buf->data + WT_BLOCK_COMPRESS_SKIP, buf->size - WT_BLOCK_COMPRESS_SKIP,
(uint8_t *)ctmp->data + WT_BLOCK_COMPRESS_SKIP, ctmp->memsize - WT_BLOCK_COMPRESS_SKIP,
&result_len));
WT_ASSERT(session, dsk->mem_size == result_len + WT_BLOCK_COMPRESS_SKIP);
Reported by FlawFinder.
Line: 275
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/*
* Copy in the skipped header bytes, set the final data size.
*/
memcpy(ctmp->mem, buf->mem, WT_BLOCK_COMPRESS_SKIP);
ctmp->size = result_len;
ip = ctmp;
/* Optionally return the compressed size. */
if (compressed_sizep != NULL)
Reported by FlawFinder.
Line: 38
Column: 20
CWE codes:
120
20
* into the caller's buffer. Else, read directly into the caller's buffer.
*/
if (btree->compressor == NULL && btree->kencryptor == NULL) {
WT_RET(bm->read(bm, session, buf, addr, addr_size));
dsk = buf->data;
ip = NULL;
} else {
WT_RET(__wt_scr_alloc(session, 0, &tmp));
WT_ERR(bm->read(bm, session, tmp, addr, addr_size));
Reported by FlawFinder.
src/third_party/wiredtiger/src/block/block_ckpt_scan.c
5 issues
Line: 100
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size = buf->size + len;
WT_RET(__wt_buf_extend(session, buf, size));
p = (uint8_t *)buf->mem + buf->size;
memcpy(p, ckpt->block_metadata, len);
buf->size = size;
/* 4a, copy the checkpoint list length into the buffer. */
len = strlen(ckpt->block_checkpoint);
size = buf->size + WT_INTPACK64_MAXSIZE;
Reported by FlawFinder.
Line: 115
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size = buf->size + len;
WT_RET(__wt_buf_extend(session, buf, size));
p = (uint8_t *)buf->mem + buf->size;
memcpy(p, ckpt->block_checkpoint, len);
buf->size = size;
/*
* 5a, copy the not-quite-right checkpoint information length into the
* buffer.
Reported by FlawFinder.
Line: 135
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size = buf->size + len;
WT_RET(__wt_buf_extend(session, buf, size));
p = (uint8_t *)buf->mem + buf->size;
memcpy(p, ckpt->raw.data, len);
buf->size = size;
/*
* We might have grown the buffer beyond the original allocation size, make sure that we're
* still in compliance.
Reported by FlawFinder.
Line: 89
Column: 11
CWE codes:
126
buf->size = size;
/* 3a, copy the metadata length into the buffer. */
len = strlen(ckpt->block_metadata);
size = buf->size + WT_INTPACK64_MAXSIZE;
WT_RET(__wt_buf_extend(session, buf, size));
p = (uint8_t *)buf->mem + buf->size;
WT_RET(__wt_vpack_uint(&p, 0, (uint64_t)len));
buf->size = WT_PTRDIFF(p, buf->mem);
Reported by FlawFinder.
Line: 104
Column: 11
CWE codes:
126
buf->size = size;
/* 4a, copy the checkpoint list length into the buffer. */
len = strlen(ckpt->block_checkpoint);
size = buf->size + WT_INTPACK64_MAXSIZE;
WT_RET(__wt_buf_extend(session, buf, size));
p = (uint8_t *)buf->mem + buf->size;
WT_RET(__wt_vpack_uint(&p, 0, (uint64_t)len));
buf->size = WT_PTRDIFF(p, buf->mem);
Reported by FlawFinder.
src/third_party/wiredtiger/src/cursor/cur_stat.c
5 issues
Line: 537
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/*
* Copy stats from the session to the cursor. Optionally clear the session's statistics.
*/
memcpy(&cst->u.session_stats, &session->stats, sizeof(WT_SESSION_STATS));
if (F_ISSET(cst, WT_STAT_CLEAR))
__wt_stat_session_clear_single(&session->stats);
cst->stats = (int64_t *)&cst->u.session_stats;
cst->stats_base = WT_SESSION_STATS_BASE;
Reported by FlawFinder.
Line: 492
Column: 30
CWE codes:
126
sgrp = &cst->u.join_stats_group;
session = CUR2S(sgrp->join_cursor);
WT_RET(__wt_stat_join_desc(cst, slot, &static_desc));
len = strlen("join: ") + strlen(sgrp->desc_prefix) + strlen(static_desc) + 1;
WT_RET(__wt_realloc(session, NULL, len, &cst->desc_buf));
WT_RET(__wt_snprintf(cst->desc_buf, len, "join: %s%s", sgrp->desc_prefix, static_desc));
*resultp = cst->desc_buf;
return (0);
}
Reported by FlawFinder.
Line: 492
Column: 11
CWE codes:
126
sgrp = &cst->u.join_stats_group;
session = CUR2S(sgrp->join_cursor);
WT_RET(__wt_stat_join_desc(cst, slot, &static_desc));
len = strlen("join: ") + strlen(sgrp->desc_prefix) + strlen(static_desc) + 1;
WT_RET(__wt_realloc(session, NULL, len, &cst->desc_buf));
WT_RET(__wt_snprintf(cst->desc_buf, len, "join: %s%s", sgrp->desc_prefix, static_desc));
*resultp = cst->desc_buf;
return (0);
}
Reported by FlawFinder.
Line: 492
Column: 58
CWE codes:
126
sgrp = &cst->u.join_stats_group;
session = CUR2S(sgrp->join_cursor);
WT_RET(__wt_stat_join_desc(cst, slot, &static_desc));
len = strlen("join: ") + strlen(sgrp->desc_prefix) + strlen(static_desc) + 1;
WT_RET(__wt_realloc(session, NULL, len, &cst->desc_buf));
WT_RET(__wt_snprintf(cst->desc_buf, len, "join: %s%s", sgrp->desc_prefix, static_desc));
*resultp = cst->desc_buf;
return (0);
}
Reported by FlawFinder.
Line: 562
Column: 22
CWE codes:
126
return (0);
}
dsrc_uri = uri + strlen("statistics:");
if (strcmp(dsrc_uri, "join") == 0)
WT_RET(__curstat_join_init(session, curjoin, cfg, cst));
else if (strcmp(dsrc_uri, "session") == 0) {
__curstat_session_init(session, cst);
Reported by FlawFinder.