The following issues were found
src/third_party/boost/boost/type_traits/type_with_alignment.hpp
5 issues
Line: 134
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
//
namespace tt_align_ns {
struct __declspec(align(8)) a8 {
char m[8];
typedef a8 type;
};
struct __declspec(align(16)) a16 {
char m[16];
typedef a16 type;
Reported by FlawFinder.
Line: 138
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef a8 type;
};
struct __declspec(align(16)) a16 {
char m[16];
typedef a16 type;
};
struct __declspec(align(32)) a32 {
char m[32];
typedef a32 type;
Reported by FlawFinder.
Line: 142
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef a16 type;
};
struct __declspec(align(32)) a32 {
char m[32];
typedef a32 type;
};
struct __declspec(align(64)) a64
{
char m[64];
Reported by FlawFinder.
Line: 147
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct __declspec(align(64)) a64
{
char m[64];
typedef a64 type;
};
struct __declspec(align(128)) a128 {
char m[128];
typedef a128 type;
Reported by FlawFinder.
Line: 151
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef a64 type;
};
struct __declspec(align(128)) a128 {
char m[128];
typedef a128 type;
};
}
template<> struct type_with_alignment<8>
Reported by FlawFinder.
src/mongo/util/future_test_edge_cases.cpp
5 issues
Line: 165
// This is the motivating case for SharedStateBase::isJustForContinuation. Without that logic, there
// would be a long chain of SharedStates, growing longer with each recursion. That logic exists to
// limit it to a fixed-size chain.
TEST(Future_EdgeCases, looping_onError) {
int tries = 10;
std::function<Future<int>()> read = [&] {
return async([&] {
uassert(ErrorCodes::BadValue, "", --tries == 0);
return tries;
Reported by Cppcheck.
Line: 172
Column: 43
CWE codes:
120
20
uassert(ErrorCodes::BadValue, "", --tries == 0);
return tries;
})
.onError([&](Status) { return read(); });
};
ASSERT_EQ(read().get(), 0);
}
// This tests for a bug in an earlier implementation of isJustForContinuation. Due to an off-by-one,
Reported by FlawFinder.
Line: 174
Column: 15
CWE codes:
120
20
})
.onError([&](Status) { return read(); });
};
ASSERT_EQ(read().get(), 0);
}
// This tests for a bug in an earlier implementation of isJustForContinuation. Due to an off-by-one,
// it would replace the "then" continuation's SharedState. A different type is used for the return
// from then to cause it to fail a checked_cast close to the bug in debug builds.
Reported by FlawFinder.
Line: 187
Column: 43
CWE codes:
120
20
uassert(ErrorCodes::BadValue, "", --tries == 0);
return tries;
})
.onError([&](Status) { return read(); });
};
ASSERT_EQ(read().then([](int x) { return x + 0.5; }).get(), 0.5);
}
TEST(Future_EdgeCases, interrupted_wait_then_get) {
Reported by FlawFinder.
Line: 189
Column: 15
CWE codes:
120
20
})
.onError([&](Status) { return read(); });
};
ASSERT_EQ(read().then([](int x) { return x + 0.5; }).get(), 0.5);
}
TEST(Future_EdgeCases, interrupted_wait_then_get) {
DummyInterruptible dummyInterruptible;
Reported by FlawFinder.
src/mongo/util/file.cpp
5 issues
Line: 113
Column: 12
CWE codes:
362
return 0;
}
void File::open(const char* filename, bool readOnly, bool direct) {
_name = filename;
_handle = CreateFileW(toNativeString(filename).c_str(), // filename
(readOnly ? 0 : GENERIC_WRITE) | GENERIC_READ, // desired access
FILE_SHARE_WRITE | FILE_SHARE_READ, // share mode
nullptr, // security
Reported by FlawFinder.
Line: 282
Column: 12
CWE codes:
362
#define O_NOATIME 0
#endif
void File::open(const char* filename, bool readOnly, bool direct) {
_name = filename;
_fd = ::open(filename,
(readOnly ? O_RDONLY : (O_CREAT | O_RDWR | O_NOATIME))
#if defined(O_DIRECT)
| (direct ? O_DIRECT : 0)
Reported by FlawFinder.
Line: 284
Column: 13
CWE codes:
362
void File::open(const char* filename, bool readOnly, bool direct) {
_name = filename;
_fd = ::open(filename,
(readOnly ? O_RDONLY : (O_CREAT | O_RDWR | O_NOATIME))
#if defined(O_DIRECT)
| (direct ? O_DIRECT : 0)
#endif
,
Reported by FlawFinder.
Line: 133
Column: 12
CWE codes:
120
20
}
}
void File::read(fileofs o, char* data, unsigned len) {
LARGE_INTEGER li;
li.QuadPart = o;
if (SetFilePointerEx(_handle, li, nullptr, FILE_BEGIN) == 0) {
_bad = true;
DWORD dosError = GetLastError();
Reported by FlawFinder.
Line: 301
Column: 12
CWE codes:
120
20
}
}
void File::read(fileofs o, char* data, unsigned len) {
ssize_t bytesRead = ::pread(_fd, data, len, o);
if (bytesRead == -1) {
_bad = true;
LOGV2(23154,
"In File::read(), ::pread for '{fileName}' failed with {error}",
Reported by FlawFinder.
src/mongo/util/fail_point_test.cpp
5 issues
Line: 73
MONGO_FAIL_POINT_DEFINE(dummy2);
} // namespace
TEST(FailPoint, InitialState) {
FailPoint failPoint("testFP");
ASSERT_FALSE(failPoint.shouldFail());
}
TEST(FailPoint, AlwaysOn) {
Reported by Cppcheck.
Line: 300
Column: 58
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
}
TEST(FailPoint, RandomActivationP0) {
ASSERT_EQUALS(0, runParallelFailPointTest(FailPoint::random, 0, 1, 1000000));
}
TEST(FailPoint, RandomActivationP5) {
ASSERT_APPROX_EQUAL(500000,
runParallelFailPointTest(
Reported by FlawFinder.
Line: 306
Column: 40
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
TEST(FailPoint, RandomActivationP5) {
ASSERT_APPROX_EQUAL(500000,
runParallelFailPointTest(
FailPoint::random, std::numeric_limits<int32_t>::max() / 2, 10, 100000),
1000);
}
TEST(FailPoint, RandomActivationP01) {
ASSERT_APPROX_EQUAL(
Reported by FlawFinder.
Line: 314
Column: 24
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
ASSERT_APPROX_EQUAL(
10000,
runParallelFailPointTest(
FailPoint::random, std::numeric_limits<int32_t>::max() / 100, 10, 100000),
500);
}
TEST(FailPoint, RandomActivationP001) {
ASSERT_APPROX_EQUAL(
Reported by FlawFinder.
Line: 322
Column: 24
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
ASSERT_APPROX_EQUAL(
1000,
runParallelFailPointTest(
FailPoint::random, std::numeric_limits<int32_t>::max() / 1000, 10, 100000),
500);
}
TEST(FailPoint, parseBSONEmptyFails) {
auto swTuple = FailPoint::parseBSON(BSONObj());
Reported by FlawFinder.
src/third_party/wiredtiger/examples/c/ex_schema.c
5 issues
Line: 129
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
while ((ret = cursor->next(cursor)) == 0) {
error_check(cursor->get_key(cursor, &recno));
error_check(cursor->get_value(cursor, &country, &year, &population));
printf("ID %" PRIu64, recno);
printf(
": country %s, year %" PRIu16 ", population %" PRIu64 "\n", country, year, population);
}
scan_end_check(ret == WT_NOTFOUND);
error_check(cursor->close(cursor));
Reported by FlawFinder.
Line: 144
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
error_check(cursor->get_key(cursor, &key));
error_check(wiredtiger_struct_unpack(session, key.data, key.size, "r", &recno));
printf("ID %" PRIu64, recno);
error_check(cursor->get_value(cursor, &value));
error_check(wiredtiger_struct_unpack(
session, value.data, value.size, "5sHQ", &country, &year, &population));
printf(
Reported by FlawFinder.
Line: 301
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
while ((ret = join_cursor->next(join_cursor)) == 0) {
error_check(join_cursor->get_key(join_cursor, &recno));
error_check(join_cursor->get_value(join_cursor, &country, &year, &population));
printf("ID %" PRIu64, recno);
printf(
": country %s, year %" PRIu16 ", population %" PRIu64 "\n", country, year, population);
}
scan_end_check(ret == WT_NOTFOUND);
/*! [Join cursors] */
Reported by FlawFinder.
Line: 354
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
while ((ret = join_cursor->next(join_cursor)) == 0) {
error_check(join_cursor->get_key(join_cursor, &recno));
error_check(join_cursor->get_value(join_cursor, &country, &year, &population));
printf("ID %" PRIu64, recno);
printf(
": country %s, year %" PRIu16 ", population %" PRIu64 "\n", country, year, population);
}
scan_end_check(ret == WT_NOTFOUND);
/*! [Complex join cursors] */
Reported by FlawFinder.
Line: 39
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*! [schema declaration] */
/* The C struct for the data we are storing in a WiredTiger table. */
typedef struct {
char country[5];
uint16_t year;
uint64_t population;
} POP_RECORD;
static POP_RECORD pop_data[] = {{"AU", 1900, 4000000}, {"AU", 1950, 8267337},
Reported by FlawFinder.
src/third_party/wiredtiger/examples/c/ex_config_parse.c
5 issues
Line: 50
Column: 62
CWE codes:
126
"path=/dev/loop,page_size=1024,log=(archive=true,file_max=20MB)";
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
error_check(parser->close(parser));
/*! [Create a configuration parser] */
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
Reported by FlawFinder.
Line: 55
Column: 62
CWE codes:
126
/*! [Create a configuration parser] */
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
{
/*! [get] */
int64_t my_page_size;
/*
Reported by FlawFinder.
Line: 73
Column: 66
CWE codes:
126
{
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
/*! [next] */
/*
* Retrieve and print the values of the configuration strings.
*/
while ((ret = parser->next(parser, &k, &v)) == 0) {
Reported by FlawFinder.
Line: 91
Column: 62
CWE codes:
126
}
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
/*! [nested get] */
/*
* Retrieve the value of the nested log file_max configuration string using dot shorthand.
* Utilize the configuration parsing automatic conversion of value strings into an integer.
Reported by FlawFinder.
Line: 105
Column: 62
CWE codes:
126
error_check(parser->close(parser));
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
/*! [nested traverse] */
{
WT_CONFIG_PARSER *sub_parser;
while ((ret = parser->next(parser, &k, &v)) == 0) {
if (v.type == WT_CONFIG_ITEM_STRUCT) {
Reported by FlawFinder.
src/third_party/wiredtiger/dist/test_data.py
5 issues
Line: 1
Column: 1
# This file is a python script that describes the cpp test framework test configuration options.
class Method:
def __init__(self, config):
# Deal with duplicates: with complex configurations (like
# WT_SESSION::create), it's simpler to deal with duplicates once than
# manually as configurations are defined
self.config = []
lastname = None
Reported by Pylint.
Line: 3
Column: 1
# This file is a python script that describes the cpp test framework test configuration options.
class Method:
def __init__(self, config):
# Deal with duplicates: with complex configurations (like
# WT_SESSION::create), it's simpler to deal with duplicates once than
# manually as configurations are defined
self.config = []
lastname = None
Reported by Pylint.
Line: 3
Column: 1
# This file is a python script that describes the cpp test framework test configuration options.
class Method:
def __init__(self, config):
# Deal with duplicates: with complex configurations (like
# WT_SESSION::create), it's simpler to deal with duplicates once than
# manually as configurations are defined
self.config = []
lastname = None
Reported by Pylint.
Line: 10
Column: 13
# manually as configurations are defined
self.config = []
lastname = None
for c in sorted(config):
if '.' in c.name:
raise "Bad config key '%s'" % c.name
if c.name == lastname:
continue
lastname = c.name
Reported by Pylint.
Line: 18
Column: 1
lastname = c.name
self.config.append(c)
class Config:
def __init__(self, name, default, desc, subconfig=None, **flags):
self.name = name
self.default = default
self.desc = desc
self.subconfig = subconfig
Reported by Pylint.
src/mongo/util/debugger.cpp
5 issues
Line: 122
Column: 9
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
extern "C" void execCallback(int) {
launchDebugger([](char* pidToDebug) {
execlp("gdbserver", "gdbserver", "--attach", ":0", pidToDebug, nullptr);
});
}
#elif defined(USE_LLDB_SERVER)
Reported by FlawFinder.
Line: 131
Column: 9
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
extern "C" void execCallback(int) {
launchDebugger([](char* pidToDebug) {
#ifdef __linux__
execlp("lldb-server", "lldb-server", "g", "--attach", pidToDebug, "*:12345", nullptr);
#else
execlp("debugserver", "debugserver", "*:12345", "--attach", pidToDebug, nullptr);
#endif
});
}
Reported by FlawFinder.
Line: 133
Column: 9
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
#ifdef __linux__
execlp("lldb-server", "lldb-server", "g", "--attach", pidToDebug, "*:12345", nullptr);
#else
execlp("debugserver", "debugserver", "*:12345", "--attach", pidToDebug, nullptr);
#endif
});
}
#endif
Reported by FlawFinder.
Line: 90
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Don't come back here
signal(SIGTRAP, SIG_IGN);
char pidToDebug[16];
int pidRet = snprintf(pidToDebug, sizeof(pidToDebug), "%d", getpid());
if (!(pidRet >= 0 && size_t(pidRet) < sizeof(pidToDebug)))
std::abort();
char msg[128];
Reported by FlawFinder.
Line: 95
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!(pidRet >= 0 && size_t(pidRet) < sizeof(pidToDebug)))
std::abort();
char msg[128];
int msgRet = snprintf(msg,
sizeof(msg),
"\n\n\t**** Launching debugging server (ensure binary is in PATH, use "
"lsof to find port) ****\n\n");
if (!(msgRet >= 0 && size_t(msgRet) < sizeof(msg)))
Reported by FlawFinder.
src/third_party/boost/boost/regex/v5/regex_workaround.hpp
5 issues
Line: 122
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
if (lenSourceWithNull > sizeInBytes)
return 1;
std::memcpy(strDestination, strSource, lenSourceWithNull);
return 0;
}
inline std::size_t strcat_s(
char *strDestination,
std::size_t sizeInBytes,
Reported by FlawFinder.
Line: 135
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
std::size_t lenDestination = std::strlen(strDestination);
if (lenSourceWithNull + lenDestination > sizeInBytes)
return 1;
std::memcpy(strDestination + lenDestination, strSource, lenSourceWithNull);
return 0;
}
#endif
Reported by FlawFinder.
Line: 119
Column: 41
CWE codes:
126
const char *strSource
)
{
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
if (lenSourceWithNull > sizeInBytes)
return 1;
std::memcpy(strDestination, strSource, lenSourceWithNull);
return 0;
}
Reported by FlawFinder.
Line: 131
Column: 41
CWE codes:
126
const char *strSource
)
{
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
std::size_t lenDestination = std::strlen(strDestination);
if (lenSourceWithNull + lenDestination > sizeInBytes)
return 1;
std::memcpy(strDestination + lenDestination, strSource, lenSourceWithNull);
return 0;
Reported by FlawFinder.
Line: 132
Column: 38
CWE codes:
126
)
{
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
std::size_t lenDestination = std::strlen(strDestination);
if (lenSourceWithNull + lenDestination > sizeInBytes)
return 1;
std::memcpy(strDestination + lenDestination, strSource, lenSourceWithNull);
return 0;
}
Reported by FlawFinder.
src/third_party/boost/boost/regex/v4/fileiter.hpp
5 issues
Line: 96
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct _fi_find_data
{
unsigned dwFileAttributes;
char cFileName[MAX_PATH];
};
struct _fi_priv_data;
typedef _fi_priv_data* _fi_find_handle;
Reported by FlawFinder.
Line: 152
Column: 69
CWE codes:
362
typedef const char* iterator;
mapfile(){ hfile = hmap = 0; _first = _last = 0; }
mapfile(const char* file){ hfile = hmap = 0; _first = _last = 0; open(file); }
~mapfile(){ close(); }
void open(const char* file);
void close();
const char* begin(){ return _first; }
const char* end(){ return _last; }
Reported by FlawFinder.
Line: 154
Column: 9
CWE codes:
362
mapfile(){ hfile = hmap = 0; _first = _last = 0; }
mapfile(const char* file){ hfile = hmap = 0; _first = _last = 0; open(file); }
~mapfile(){ close(); }
void open(const char* file);
void close();
const char* begin(){ return _first; }
const char* end(){ return _last; }
size_t size(){ return _last - _first; }
bool valid(){ return (hfile != 0) && (hfile != INVALID_HANDLE_VALUE); }
Reported by FlawFinder.
Line: 186
Column: 73
CWE codes:
362
typedef mapfile_iterator iterator;
mapfile(){ hfile = 0; _size = 0; _first = _last = 0; }
mapfile(const char* file){ hfile = 0; _size = 0; _first = _last = 0; open(file); }
~mapfile(){ close(); }
void open(const char* file);
void close();
iterator begin()const;
iterator end()const;
Reported by FlawFinder.
Line: 188
Column: 9
CWE codes:
362
mapfile(){ hfile = 0; _size = 0; _first = _last = 0; }
mapfile(const char* file){ hfile = 0; _size = 0; _first = _last = 0; open(file); }
~mapfile(){ close(); }
void open(const char* file);
void close();
iterator begin()const;
iterator end()const;
unsigned long size()const{ return _size; }
bool valid()const{ return hfile != 0; }
Reported by FlawFinder.