The following issues were found
src/third_party/boost/boost/regex/v5/regex_workaround.hpp
5 issues
Line: 122
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
if (lenSourceWithNull > sizeInBytes)
return 1;
std::memcpy(strDestination, strSource, lenSourceWithNull);
return 0;
}
inline std::size_t strcat_s(
char *strDestination,
std::size_t sizeInBytes,
Reported by FlawFinder.
Line: 135
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
std::size_t lenDestination = std::strlen(strDestination);
if (lenSourceWithNull + lenDestination > sizeInBytes)
return 1;
std::memcpy(strDestination + lenDestination, strSource, lenSourceWithNull);
return 0;
}
#endif
Reported by FlawFinder.
Line: 119
Column: 41
CWE codes:
126
const char *strSource
)
{
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
if (lenSourceWithNull > sizeInBytes)
return 1;
std::memcpy(strDestination, strSource, lenSourceWithNull);
return 0;
}
Reported by FlawFinder.
Line: 131
Column: 41
CWE codes:
126
const char *strSource
)
{
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
std::size_t lenDestination = std::strlen(strDestination);
if (lenSourceWithNull + lenDestination > sizeInBytes)
return 1;
std::memcpy(strDestination + lenDestination, strSource, lenSourceWithNull);
return 0;
Reported by FlawFinder.
Line: 132
Column: 38
CWE codes:
126
)
{
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
std::size_t lenDestination = std::strlen(strDestination);
if (lenSourceWithNull + lenDestination > sizeInBytes)
return 1;
std::memcpy(strDestination + lenDestination, strSource, lenSourceWithNull);
return 0;
}
Reported by FlawFinder.
src/third_party/wiredtiger/dist/test_data.py
5 issues
Line: 1
Column: 1
# This file is a python script that describes the cpp test framework test configuration options.
class Method:
def __init__(self, config):
# Deal with duplicates: with complex configurations (like
# WT_SESSION::create), it's simpler to deal with duplicates once than
# manually as configurations are defined
self.config = []
lastname = None
Reported by Pylint.
Line: 3
Column: 1
# This file is a python script that describes the cpp test framework test configuration options.
class Method:
def __init__(self, config):
# Deal with duplicates: with complex configurations (like
# WT_SESSION::create), it's simpler to deal with duplicates once than
# manually as configurations are defined
self.config = []
lastname = None
Reported by Pylint.
Line: 3
Column: 1
# This file is a python script that describes the cpp test framework test configuration options.
class Method:
def __init__(self, config):
# Deal with duplicates: with complex configurations (like
# WT_SESSION::create), it's simpler to deal with duplicates once than
# manually as configurations are defined
self.config = []
lastname = None
Reported by Pylint.
Line: 10
Column: 13
# manually as configurations are defined
self.config = []
lastname = None
for c in sorted(config):
if '.' in c.name:
raise "Bad config key '%s'" % c.name
if c.name == lastname:
continue
lastname = c.name
Reported by Pylint.
Line: 18
Column: 1
lastname = c.name
self.config.append(c)
class Config:
def __init__(self, name, default, desc, subconfig=None, **flags):
self.name = name
self.default = default
self.desc = desc
self.subconfig = subconfig
Reported by Pylint.
src/third_party/wiredtiger/examples/c/ex_config_parse.c
5 issues
Line: 50
Column: 62
CWE codes:
126
"path=/dev/loop,page_size=1024,log=(archive=true,file_max=20MB)";
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
error_check(parser->close(parser));
/*! [Create a configuration parser] */
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
Reported by FlawFinder.
Line: 55
Column: 62
CWE codes:
126
/*! [Create a configuration parser] */
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
{
/*! [get] */
int64_t my_page_size;
/*
Reported by FlawFinder.
Line: 73
Column: 66
CWE codes:
126
{
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
/*! [next] */
/*
* Retrieve and print the values of the configuration strings.
*/
while ((ret = parser->next(parser, &k, &v)) == 0) {
Reported by FlawFinder.
Line: 91
Column: 62
CWE codes:
126
}
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
/*! [nested get] */
/*
* Retrieve the value of the nested log file_max configuration string using dot shorthand.
* Utilize the configuration parsing automatic conversion of value strings into an integer.
Reported by FlawFinder.
Line: 105
Column: 62
CWE codes:
126
error_check(parser->close(parser));
error_check(
wiredtiger_config_parser_open(NULL, config_string, strlen(config_string), &parser));
/*! [nested traverse] */
{
WT_CONFIG_PARSER *sub_parser;
while ((ret = parser->next(parser, &k, &v)) == 0) {
if (v.type == WT_CONFIG_ITEM_STRUCT) {
Reported by FlawFinder.
src/third_party/boost/boost/regex/v4/c_regex_traits.hpp
5 issues
Line: 314
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
inline int BOOST_REGEX_CALL c_regex_traits<char>::value(char c, int radix)
{
char b[2] = { c, '\0', };
char* ep;
int result = std::strtol(b, &ep, radix);
if (ep == b)
return -1;
return result;
Reported by FlawFinder.
Line: 485
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if ((std::iswxdigit)(c) == 0)
return -1;
#endif
wchar_t b[2] = { c, '\0', };
wchar_t* ep;
int result = std::wcstol(b, &ep, radix);
if (ep == b)
return -1;
return result;
Reported by FlawFinder.
Line: 33
Column: 12
CWE codes:
126
#ifdef BOOST_NO_STDC_NAMESPACE
namespace std{
using ::strlen; using ::tolower;
}
#endif
#ifdef BOOST_MSVC
#pragma warning(push)
Reported by FlawFinder.
Line: 89
Column: 20
CWE codes:
126
static size_type length(const char_type* p)
{
return (std::strlen)(p);
}
char translate(char c) const
{
return c;
Reported by FlawFinder.
Line: 134
Column: 20
CWE codes:
126
static size_type length(const char_type* p)
{
return (std::wcslen)(p);
}
wchar_t translate(wchar_t c) const
{
return c;
Reported by FlawFinder.
src/third_party/boost/boost/regex/v4/fileiter.hpp
5 issues
Line: 96
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct _fi_find_data
{
unsigned dwFileAttributes;
char cFileName[MAX_PATH];
};
struct _fi_priv_data;
typedef _fi_priv_data* _fi_find_handle;
Reported by FlawFinder.
Line: 152
Column: 69
CWE codes:
362
typedef const char* iterator;
mapfile(){ hfile = hmap = 0; _first = _last = 0; }
mapfile(const char* file){ hfile = hmap = 0; _first = _last = 0; open(file); }
~mapfile(){ close(); }
void open(const char* file);
void close();
const char* begin(){ return _first; }
const char* end(){ return _last; }
Reported by FlawFinder.
Line: 154
Column: 9
CWE codes:
362
mapfile(){ hfile = hmap = 0; _first = _last = 0; }
mapfile(const char* file){ hfile = hmap = 0; _first = _last = 0; open(file); }
~mapfile(){ close(); }
void open(const char* file);
void close();
const char* begin(){ return _first; }
const char* end(){ return _last; }
size_t size(){ return _last - _first; }
bool valid(){ return (hfile != 0) && (hfile != INVALID_HANDLE_VALUE); }
Reported by FlawFinder.
Line: 186
Column: 73
CWE codes:
362
typedef mapfile_iterator iterator;
mapfile(){ hfile = 0; _size = 0; _first = _last = 0; }
mapfile(const char* file){ hfile = 0; _size = 0; _first = _last = 0; open(file); }
~mapfile(){ close(); }
void open(const char* file);
void close();
iterator begin()const;
iterator end()const;
Reported by FlawFinder.
Line: 188
Column: 9
CWE codes:
362
mapfile(){ hfile = 0; _size = 0; _first = _last = 0; }
mapfile(const char* file){ hfile = 0; _size = 0; _first = _last = 0; open(file); }
~mapfile(){ close(); }
void open(const char* file);
void close();
iterator begin()const;
iterator end()const;
unsigned long size()const{ return _size; }
bool valid()const{ return hfile != 0; }
Reported by FlawFinder.
src/third_party/wiredtiger/bench/wtperf/track.c
5 issues
Line: 354
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
FILE *fp;
u_int i;
uint64_t cumops;
char path[1024];
testutil_check(__wt_snprintf(path, sizeof(path), "%s/latency.%s", wtperf->monitor_dir, name));
if ((fp = fopen(path, "w")) == NULL) {
lprintf(wtperf, errno, 0, "%s", path);
return;
Reported by FlawFinder.
Line: 357
Column: 15
CWE codes:
362
char path[1024];
testutil_check(__wt_snprintf(path, sizeof(path), "%s/latency.%s", wtperf->monitor_dir, name));
if ((fp = fopen(path, "w")) == NULL) {
lprintf(wtperf, errno, 0, "%s", path);
return;
}
fprintf(fp, "#usecs,operations,cumulative-operations,total-operations\n");
Reported by FlawFinder.
Line: 146
Column: 53
CWE codes:
120
20
uint64_t
sum_read_ops(WTPERF *wtperf)
{
return (sum_ops(wtperf, offsetof(WTPERF_THREAD, read)));
}
uint64_t
sum_truncate_ops(WTPERF *wtperf)
{
return (sum_ops(wtperf, offsetof(WTPERF_THREAD, truncate)));
Reported by FlawFinder.
Line: 257
Column: 48
CWE codes:
120
20
{
static uint32_t last_avg = 0, last_max = 0, last_min = 0;
latency_op(wtperf, offsetof(WTPERF_THREAD, read), avgp, minp, maxp);
/*
* If nothing happened, graph the average, minimum and maximum as they were the last time, it
* keeps the graphs from having discontinuities.
*/
Reported by FlawFinder.
Line: 340
Column: 49
CWE codes:
120
20
static void
sum_read_latency(WTPERF *wtperf, TRACK *total)
{
sum_latency(wtperf, offsetof(WTPERF_THREAD, read), total);
}
static void
sum_update_latency(WTPERF *wtperf, TRACK *total)
{
sum_latency(wtperf, offsetof(WTPERF_THREAD, update), total);
Reported by FlawFinder.
src/third_party/boost/boost/random/detail/seed.hpp
5 issues
Line: 26
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#include <boost/type_traits/is_arithmetic.hpp>
namespace boost {
namespace random {
namespace detail {
template<class T>
struct disable_seed : boost::disable_if<boost::is_arithmetic<T> > {};
Reported by FlawFinder.
Line: 40
Column: 53
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#define BOOST_RANDOM_DETAIL_GENERATOR_CONSTRUCTOR(Self, Generator, gen) \
template<class Generator> \
explicit Self(Generator& gen, typename ::boost::random::detail::disable_constructor<Self, Generator>::type* = 0)
#define BOOST_RANDOM_DETAIL_GENERATOR_SEED(Self, Generator, gen) \
template<class Generator> \
void seed(Generator& gen, typename ::boost::random::detail::disable_seed<Generator>::type* = 0)
Reported by FlawFinder.
Line: 44
Column: 49
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#define BOOST_RANDOM_DETAIL_GENERATOR_SEED(Self, Generator, gen) \
template<class Generator> \
void seed(Generator& gen, typename ::boost::random::detail::disable_seed<Generator>::type* = 0)
#define BOOST_RANDOM_DETAIL_SEED_SEQ_CONSTRUCTOR(Self, SeedSeq, seq) \
template<class SeedSeq> \
explicit Self(SeedSeq& seq, typename ::boost::random::detail::disable_constructor<Self, SeedSeq>::type* = 0)
Reported by FlawFinder.
Line: 48
Column: 51
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#define BOOST_RANDOM_DETAIL_SEED_SEQ_CONSTRUCTOR(Self, SeedSeq, seq) \
template<class SeedSeq> \
explicit Self(SeedSeq& seq, typename ::boost::random::detail::disable_constructor<Self, SeedSeq>::type* = 0)
#define BOOST_RANDOM_DETAIL_SEED_SEQ_SEED(Self, SeedSeq, seq) \
template<class SeedSeq> \
void seed(SeedSeq& seq, typename ::boost::random::detail::disable_seed<SeedSeq>::type* = 0)
Reported by FlawFinder.
Line: 52
Column: 47
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#define BOOST_RANDOM_DETAIL_SEED_SEQ_SEED(Self, SeedSeq, seq) \
template<class SeedSeq> \
void seed(SeedSeq& seq, typename ::boost::random::detail::disable_seed<SeedSeq>::type* = 0)
#define BOOST_RANDOM_DETAIL_ARITHMETIC_CONSTRUCTOR(Self, T, x) \
explicit Self(const T& x)
#define BOOST_RANDOM_DETAIL_ARITHMETIC_SEED(Self, T, x) \
Reported by FlawFinder.
src/third_party/boost/boost/iostreams/detail/system_failure.hpp
5 issues
Line: 26
Column: 25
CWE codes:
126
#include <boost/iostreams/detail/ios.hpp> // failure.
#if defined(BOOST_NO_STDC_NAMESPACE) && !defined(__LIBCOMO__)
namespace std { using ::strlen; }
#endif
#ifdef BOOST_IOSTREAMS_WINDOWS
# define WIN32_LEAN_AND_MEAN // Exclude rarely-used stuff from Windows headers
# include <windows.h>
Reported by FlawFinder.
Line: 55
Column: 29
CWE codes:
126
0,
NULL ) != 0 )
{
result.reserve(std::strlen(msg) + 2 + std::strlen((LPSTR)lpMsgBuf));
result.append(msg);
result.append(": ");
result.append((LPSTR) lpMsgBuf);
::LocalFree(lpMsgBuf);
} else {
Reported by FlawFinder.
Line: 55
Column: 52
CWE codes:
126
0,
NULL ) != 0 )
{
result.reserve(std::strlen(msg) + 2 + std::strlen((LPSTR)lpMsgBuf));
result.append(msg);
result.append(": ");
result.append((LPSTR) lpMsgBuf);
::LocalFree(lpMsgBuf);
} else {
Reported by FlawFinder.
Line: 65
Column: 25
CWE codes:
126
}
#else
const char* system_msg = errno ? strerror(errno) : "";
result.reserve(std::strlen(msg) + 2 + std::strlen(system_msg));
result.append(msg);
result.append(": ");
result.append(system_msg);
#endif
return BOOST_IOSTREAMS_FAILURE(result);
Reported by FlawFinder.
Line: 65
Column: 48
CWE codes:
126
}
#else
const char* system_msg = errno ? strerror(errno) : "";
result.reserve(std::strlen(msg) + 2 + std::strlen(system_msg));
result.append(msg);
result.append(": ");
result.append(system_msg);
#endif
return BOOST_IOSTREAMS_FAILURE(result);
Reported by FlawFinder.
src/third_party/boost/boost/iostreams/detail/forward.hpp
5 issues
Line: 50
Column: 10
CWE codes:
362
{ this->impl(::boost::iostreams::detail::wrap(t) args()); } \
class(const ::boost::reference_wrapper<device>& ref params()) \
{ this->impl(ref args()); } \
void open(const device& t params()) \
{ this->impl(::boost::iostreams::detail::wrap(t) args()); } \
void open(device& t params()) \
{ this->impl(::boost::iostreams::detail::wrap(t) args()); } \
void open(const ::boost::reference_wrapper<device>& ref params()) \
{ this->impl(ref args()); } \
Reported by FlawFinder.
Line: 52
Column: 10
CWE codes:
362
{ this->impl(ref args()); } \
void open(const device& t params()) \
{ this->impl(::boost::iostreams::detail::wrap(t) args()); } \
void open(device& t params()) \
{ this->impl(::boost::iostreams::detail::wrap(t) args()); } \
void open(const ::boost::reference_wrapper<device>& ref params()) \
{ this->impl(ref args()); } \
BOOST_PP_REPEAT_FROM_TO( \
1, BOOST_PP_INC(BOOST_IOSTREAMS_MAX_FORWARDING_ARITY), \
Reported by FlawFinder.
Line: 54
Column: 10
CWE codes:
362
{ this->impl(::boost::iostreams::detail::wrap(t) args()); } \
void open(device& t params()) \
{ this->impl(::boost::iostreams::detail::wrap(t) args()); } \
void open(const ::boost::reference_wrapper<device>& ref params()) \
{ this->impl(ref args()); } \
BOOST_PP_REPEAT_FROM_TO( \
1, BOOST_PP_INC(BOOST_IOSTREAMS_MAX_FORWARDING_ARITY), \
BOOST_IOSTREAMS_FORWARDING_CTOR, (class, impl, device) \
) \
Reported by FlawFinder.
Line: 86
Column: 10
CWE codes:
362
/**/
#define BOOST_IOSTREAMS_FORWARDING_FN(z, n, tuple) \
template<BOOST_PP_ENUM_PARAMS_Z(z, n, typename U)> \
void open(BOOST_PP_ENUM_BINARY_PARAMS_Z(z, n, const U, &u) \
BOOST_IOSTREAMS_DISABLE_IF_SAME(U0, BOOST_PP_TUPLE_ELEM(3, 2, tuple))) \
{ this->BOOST_PP_TUPLE_ELEM(3, 1, tuple) \
( BOOST_PP_TUPLE_ELEM(3, 2, tuple) \
(BOOST_PP_ENUM_PARAMS_Z(z, n, u)) ); } \
template< typename U100 BOOST_PP_COMMA_IF(BOOST_PP_DEC(n)) \
Reported by FlawFinder.
Line: 93
Column: 10
CWE codes:
362
(BOOST_PP_ENUM_PARAMS_Z(z, n, u)) ); } \
template< typename U100 BOOST_PP_COMMA_IF(BOOST_PP_DEC(n)) \
BOOST_PP_ENUM_PARAMS_Z(z, BOOST_PP_DEC(n), typename U) > \
void open \
( U100& u100 BOOST_PP_COMMA_IF(BOOST_PP_DEC(n)) \
BOOST_PP_ENUM_BINARY_PARAMS_Z(z, BOOST_PP_DEC(n), const U, &u) \
BOOST_IOSTREAMS_DISABLE_IF_SAME(U100, BOOST_PP_TUPLE_ELEM(3, 2, tuple))) \
{ this->BOOST_PP_TUPLE_ELEM(3, 1, tuple) \
( u100 BOOST_PP_COMMA_IF(BOOST_PP_DEC(n)) \
Reported by FlawFinder.
src/third_party/boost/boost/iostreams/detail/adapter/mode_adapter.hpp
5 issues
Line: 48
Column: 21
CWE codes:
120
20
// Device member functions.
std::streamsize read(char_type* s, std::streamsize n);
std::streamsize write(const char_type* s, std::streamsize n);
std::streampos seek( stream_offset off, BOOST_IOS::seekdir way,
BOOST_IOS::openmode which =
BOOST_IOS::in | BOOST_IOS::out );
void close();
Reported by FlawFinder.
Line: 59
Column: 21
CWE codes:
120
20
// Filter member functions.
template<typename Source>
std::streamsize read(Source& src, char_type* s, std::streamsize n)
{ return iostreams::read(t_, src, s, n); }
template<typename Sink>
std::streamsize write(Sink& snk, const char_type* s, std::streamsize n)
{ return iostreams::write(t_, snk, s, n); }
Reported by FlawFinder.
Line: 60
Column: 25
CWE codes:
120
20
template<typename Source>
std::streamsize read(Source& src, char_type* s, std::streamsize n)
{ return iostreams::read(t_, src, s, n); }
template<typename Sink>
std::streamsize write(Sink& snk, const char_type* s, std::streamsize n)
{ return iostreams::write(t_, snk, s, n); }
Reported by FlawFinder.
Line: 93
Column: 40
CWE codes:
120
20
//------------------Implementation of mode_adapter----------------------------//
template<typename Mode, typename T>
std::streamsize mode_adapter<Mode, T>::read
(char_type* s, std::streamsize n)
{ return boost::iostreams::read(t_, s, n); }
template<typename Mode, typename T>
std::streamsize mode_adapter<Mode, T>::write
Reported by FlawFinder.
Line: 95
Column: 28
CWE codes:
120
20
template<typename Mode, typename T>
std::streamsize mode_adapter<Mode, T>::read
(char_type* s, std::streamsize n)
{ return boost::iostreams::read(t_, s, n); }
template<typename Mode, typename T>
std::streamsize mode_adapter<Mode, T>::write
(const char_type* s, std::streamsize n)
{ return boost::iostreams::write(t_, s, n); }
Reported by FlawFinder.