The following issues were found

src/third_party/mozjs-60/extract/js/src/frontend/Parser.cpp
4 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1071 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  anyChars.srcCoords.lineNumAndColumnIndex(openedPos, &line, &column);

    const size_t MaxWidth = sizeof("4294967295");
    char columnNumber[MaxWidth];
    SprintfLiteral(columnNumber, "%" PRIu32, column);
    char lineNumber[MaxWidth];
    SprintfLiteral(lineNumber, "%" PRIu32, line);

    if (!notes->addNoteASCII(pc->sc()->context,

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1073 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  const size_t MaxWidth = sizeof("4294967295");
    char columnNumber[MaxWidth];
    SprintfLiteral(columnNumber, "%" PRIu32, column);
    char lineNumber[MaxWidth];
    SprintfLiteral(lineNumber, "%" PRIu32, line);

    if (!notes->addNoteASCII(pc->sc()->context,
                             getFilename(), line, column,
                             GetErrorMessage, nullptr,

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1112 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  anyChars.srcCoords.lineNumAndColumnIndex(prevPos, &line, &column);

    const size_t MaxWidth = sizeof("4294967295");
    char columnNumber[MaxWidth];
    SprintfLiteral(columnNumber, "%" PRIu32, column);
    char lineNumber[MaxWidth];
    SprintfLiteral(lineNumber, "%" PRIu32, line);

    if (!notes->addNoteASCII(pc->sc()->context,

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1114 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  const size_t MaxWidth = sizeof("4294967295");
    char columnNumber[MaxWidth];
    SprintfLiteral(columnNumber, "%" PRIu32, column);
    char lineNumber[MaxWidth];
    SprintfLiteral(lineNumber, "%" PRIu32, line);

    if (!notes->addNoteASCII(pc->sc()->context,
                             getFilename(), line, column,
                             GetErrorMessage, nullptr,

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/ds/LifoAlloc.h
4 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 919 Column: 9 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                      if (MOZ_UNLIKELY(!n))
            return nullptr;
        MOZ_ASSERT(!(oldSize & mozilla::tl::MulOverflowMask<sizeof(T)>::value));
        memcpy(n, p, Min(oldSize * sizeof(T), newSize * sizeof(T)));
        return n;
    }
    template <typename T>
    T* pod_malloc(size_t numElems) {
        return maybe_pod_malloc<T>(numElems);

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 835 Column: 12 CWE codes: 120 20 

              
        // Move the read position forward by the size of one T.
        template <typename T>
        T* read(size_t size = sizeof(T)) {
            return reinterpret_cast<T*>(read(size));
        }

        // Return a pointer to the item at the current position. This returns a
        // pointer to the inline storage, not a copy, and moves the read-head by

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 836 Column: 41 CWE codes: 120 20 

                      // Move the read position forward by the size of one T.
        template <typename T>
        T* read(size_t size = sizeof(T)) {
            return reinterpret_cast<T*>(read(size));
        }

        // Return a pointer to the item at the current position. This returns a
        // pointer to the inline storage, not a copy, and moves the read-head by
        // the requested |size|.

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 842 Column: 15 CWE codes: 120 20 

                      // Return a pointer to the item at the current position. This returns a
        // pointer to the inline storage, not a copy, and moves the read-head by
        // the requested |size|.
        void* read(size_t size) {
            return seekBaseAndAdvanceBy(size);
        }
    };
};

Reported by FlawFinder.

src/third_party/wiredtiger/test/csuite/wt2695_checksum/main.c
4 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 92 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  check(sw, (uint32_t)0x48674bc7, len, "nul x4: software");

    len = strlen("123456789");
    memcpy(data, "123456789", len);
    hw = __wt_checksum(data, len);
    check(hw, (uint32_t)0xe3069283, len, "known string #1: hardware");
    sw = __wt_checksum_sw(data, len);
    check(sw, (uint32_t)0xe3069283, len, "known string #1: software");

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 99 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  check(sw, (uint32_t)0xe3069283, len, "known string #1: software");

    len = strlen("The quick brown fox jumps over the lazy dog");
    memcpy(data, "The quick brown fox jumps over the lazy dog", len);
    hw = __wt_checksum(data, len);
    check(hw, (uint32_t)0x22620404, len, "known string #2: hardware");
    sw = __wt_checksum_sw(data, len);
    check(sw, (uint32_t)0x22620404, len, "known string #2: software");

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 91 Column: 11 CWE codes: 126 

                  sw = __wt_checksum_sw(data, len);
    check(sw, (uint32_t)0x48674bc7, len, "nul x4: software");

    len = strlen("123456789");
    memcpy(data, "123456789", len);
    hw = __wt_checksum(data, len);
    check(hw, (uint32_t)0xe3069283, len, "known string #1: hardware");
    sw = __wt_checksum_sw(data, len);
    check(sw, (uint32_t)0xe3069283, len, "known string #1: software");

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 98 Column: 11 CWE codes: 126 

                  sw = __wt_checksum_sw(data, len);
    check(sw, (uint32_t)0xe3069283, len, "known string #1: software");

    len = strlen("The quick brown fox jumps over the lazy dog");
    memcpy(data, "The quick brown fox jumps over the lazy dog", len);
    hw = __wt_checksum(data, len);
    check(hw, (uint32_t)0x22620404, len, "known string #2: hardware");
    sw = __wt_checksum_sw(data, len);
    check(sw, (uint32_t)0x22620404, len, "known string #2: software");

Reported by FlawFinder.

buildscripts/idl/idl/enum_types.py
4 issues
Attempted relative import beyond top-level package
Error

Line: 38 Column: 1 

              import textwrap
from typing import cast, List, Optional, Union

from . import ast
from . import common
from . import syntax
from . import writer

Reported by Pylint.

Attempted relative import beyond top-level package
Error

Line: 39 Column: 1 

              from typing import cast, List, Optional, Union

from . import ast
from . import common
from . import syntax
from . import writer


class EnumTypeInfoBase(object, metaclass=ABCMeta):

Reported by Pylint.

Attempted relative import beyond top-level package
Error

Line: 40 Column: 1 

              
from . import ast
from . import common
from . import syntax
from . import writer


class EnumTypeInfoBase(object, metaclass=ABCMeta):
    """Base type for enumeration type information."""

Reported by Pylint.

Attempted relative import beyond top-level package
Error

Line: 41 Column: 1 

              from . import ast
from . import common
from . import syntax
from . import writer


class EnumTypeInfoBase(object, metaclass=ABCMeta):
    """Base type for enumeration type information."""

Reported by Pylint.

src/third_party/wiredtiger/test/csuite/wt2592_join_schema/main.c
4 issues
printf - If format strings can be influenced by an attacker, they can be exploited
Security

Line: 116 Column: 9 CWE codes: 134
Suggestion: Use a constant for the format specification 

                  while ((ret = join_cursor->next(join_cursor)) == 0) {
        testutil_check(join_cursor->get_key(join_cursor, &recno));
        testutil_check(join_cursor->get_value(join_cursor, &country, &year, &population));
        printf("ID %" PRIu64, recno);
        printf(
          ": country %s, year %" PRIu16 ", population %" PRIu64 "\n", country, year, population);
        count++;
    }
    testutil_assert(ret == WT_NOTFOUND);

Reported by FlawFinder.

printf - If format strings can be influenced by an attacker, they can be exploited
Security

Line: 162 Column: 9 CWE codes: 134
Suggestion: Use a constant for the format specification 

                  while ((ret = join_cursor->next(join_cursor)) == 0) {
        testutil_check(join_cursor->get_key(join_cursor, &recno));
        testutil_check(join_cursor->get_value(join_cursor, &country, &year, &population));
        printf("ID %" PRIu64, recno);
        printf(
          ": country %s, year %" PRIu16 ", population %" PRIu64 "\n", country, year, population);
        count++;
    }
    testutil_assert(ret == WT_NOTFOUND);

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 39 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
/* The C struct for the data we are storing in a WiredTiger table. */
typedef struct {
    char country[5];
    uint16_t year;
    uint64_t population;
} POP_RECORD;

static POP_RECORD pop_data[] = {{"AU", 1900, 4000000}, {"AU", 1950, 8267337},

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 58 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                    *year_cursor;
    WT_SESSION *session;
    const char *country, *tablename;
    char countryuri[256], joinuri[256], yearuri[256];
    uint64_t population, recno;
    uint16_t year;
    int count, ret;

    opts = &_opts;

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/builtin/TypedObject.cpp
4 issues
There is an unknown macro here somewhere. Configuration is required. If JS_FOR_EACH_UNIQUE_SCALAR_TYPE_REPR_CTYPE is a macro then please configure it.
Error

Line: 2784 

              
// I was using templates for this stuff instead of macros, but ran
// into problems with the Unagi compiler.
JS_FOR_EACH_UNIQUE_SCALAR_TYPE_REPR_CTYPE(JS_STORE_SCALAR_CLASS_IMPL)
JS_FOR_EACH_UNIQUE_SCALAR_TYPE_REPR_CTYPE(JS_LOAD_SCALAR_CLASS_IMPL)
JS_FOR_EACH_REFERENCE_TYPE_REPR(JS_STORE_REFERENCE_CLASS_IMPL)
JS_FOR_EACH_REFERENCE_TYPE_REPR(JS_LOAD_REFERENCE_CLASS_IMPL)

///////////////////////////////////////////////////////////////////////////

Reported by Cppcheck.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 2108 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  if (!res)
        return nullptr;

    memcpy(res->inlineTypedMem(), templateObject->inlineTypedMem(), templateObject->size());
    return res;
}

/* static */ void
InlineTypedObject::obj_trace(JSTracer* trc, JSObject* object)

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 2901 Column: 9 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  uint8_t* target = mem;
    for (size_t i = 1; i < length; i++) {
        target += size();
        memcpy(target, mem, size());
    }
}

///////////////////////////////////////////////////////////////////////////
// Tracing instances

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 1177 Column: 48 CWE codes: 126 

                                  Handle<TypedObjectModuleObject*> module,
                    TypedObjectModuleObject::Slot protoSlot)
{
    RootedAtom className(cx, Atomize(cx, name, strlen(name)));
    if (!className)
        return nullptr;

    RootedObject funcProto(cx, GlobalObject::getOrCreateFunctionPrototype(cx, global));
    if (!funcProto)

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/builtin/ReflectParse.cpp
4 issues
There is an unknown macro here somewhere. Configuration is required. If JS_PUBLIC_API is a macro then please configure it.
Error

Line: 3519 

                  return true;
}

JS_PUBLIC_API(bool)
JS_InitReflectParse(JSContext* cx, HandleObject global)
{
    RootedValue reflectVal(cx);
    if (!GetProperty(cx, global, global, cx->names().Reflect, &reflectVal))
        return false;

Reported by Cppcheck.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 278 Column: 51 CWE codes: 126 

                      RootedValue funv(cx);
        for (unsigned i = 0; i < AST_LIMIT; i++) {
            const char* name = callbackNames[i];
            RootedAtom atom(cx, Atomize(cx, name, strlen(name)));
            if (!atom)
                return false;
            RootedId id(cx, AtomToId(atom));
            if (!GetPropertyDefault(cx, userobj, id, nullVal, &funv))
                return false;

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 359 Column: 44 CWE codes: 126 

                      /*
         * Bug 575416: instead of Atomize, lookup constant atoms in tbl file
         */
        RootedAtom atom(cx, Atomize(cx, s, strlen(s)));
        if (!atom)
            return false;

        dst.setString(atom);
        return true;

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 432 Column: 47 CWE codes: 126 

                      /*
         * Bug 575416: instead of Atomize, lookup constant atoms in tbl file
         */
        RootedAtom atom(cx, Atomize(cx, name, strlen(name)));
        if (!atom)
            return false;

        /* Represent "no node" as null and ensure users are not exposed to magic values. */
        RootedValue optVal(cx, val.isMagic(JS_SERIALIZE_NO_NODE) ? NullValue() : val);

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/builtin/Object.cpp
4 issues
Syntax Error: AST broken, 'for' doesn't have two operands.
Error

Line: 1197 

                  // We also check for enumerability and symbol properties, so uninteresting
    // non-data properties like |array.length| don't let us fall into the slow
    // path.
    for (Shape::Range<NoGC> r(obj->lastProperty()); !r.empty(); r.popFront()) {
        Shape* shape = &r.front();
        if (!shape->isDataProperty() && shape->enumerable() && !JSID_IS_SYMBOL(shape->propid()))
            return true;
    }
    return false;

Reported by Cppcheck.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 138 Column: 18 CWE codes: 126 

              static bool
Consume(const CharT*& s, const CharT* e, const char *chars)
{
    size_t len = strlen(chars);
    if (s + len >= e)
        return false;
    if (!EqualChars(s, chars, len))
        return false;
    s += len;

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 594 Column: 65 CWE codes: 126 

                      if (!builtinTag) {
            const char* className = GetObjectClassName(cx, obj);
            StringBuffer sb(cx);
            if (!sb.append("[object ") || !sb.append(className, strlen(className)) ||
                !sb.append(']'))
            {
                return false;
            }

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 633 Column: 31 CWE codes: 126 

                  const char* className = clasp->name;
    StringBuffer sb(cx);
    if (!sb.append("[object ") ||
        !sb.append(className, strlen(className)) ||
        !sb.append(']'))
    {
        return nullptr;
    }

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/public/UbiNode.h
4 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 375 Column: 9 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  // virtual constructors. See the comment above Node's copy constructor for
    // more details; that comment applies here as well.
    StackFrame(const StackFrame& rhs) {
        memcpy(storage.u.mBytes, rhs.storage.u.mBytes, sizeof(storage.u));
    }

    StackFrame& operator=(const StackFrame& rhs) {
        memcpy(storage.u.mBytes, rhs.storage.u.mBytes, sizeof(storage.u));
        return *this;

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 379 Column: 9 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  }

    StackFrame& operator=(const StackFrame& rhs) {
        memcpy(storage.u.mBytes, rhs.storage.u.mBytes, sizeof(storage.u));
        return *this;
    }

    bool operator==(const StackFrame& rhs) const { return base()->ptr == rhs.base()->ptr; }
    bool operator!=(const StackFrame& rhs) const { return !(*this == rhs); }

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 731 Column: 9 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  // through vtables for copying and assignment that are just going to move
    // two words around. The compiler knows how to optimize memcpy.
    Node(const Node& rhs) {
        memcpy(storage.u.mBytes, rhs.storage.u.mBytes, sizeof(storage.u));
    }

    Node& operator=(const Node& rhs) {
        memcpy(storage.u.mBytes, rhs.storage.u.mBytes, sizeof(storage.u));
        return *this;

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 735 Column: 9 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  }

    Node& operator=(const Node& rhs) {
        memcpy(storage.u.mBytes, rhs.storage.u.mBytes, sizeof(storage.u));
        return *this;
    }

    bool operator==(const Node& rhs) const { return *base() == *rhs.base(); }
    bool operator!=(const Node& rhs) const { return *base() != *rhs.base(); }

Reported by FlawFinder.

src/third_party/libstemmer_c/examples/stemwords.c
4 issues
fopen - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 179 Column: 32 CWE codes: 362 

                  }

    /* prepare the files */
    f_in = (in == 0) ? stdin : fopen(in, "r");
    if (f_in == 0) {
	fprintf(stderr, "file %s not found\n", in);
	exit(1);
    }
    f_out = (out == 0) ? stdout : fopen(out, "w");

Reported by FlawFinder.

fopen - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 184 Column: 35 CWE codes: 362 

              	fprintf(stderr, "file %s not found\n", in);
	exit(1);
    }
    f_out = (out == 0) ? stdout : fopen(out, "w");
    if (f_out == 0) {
	fprintf(stderr, "file %s cannot be opened\n", out);
	exit(1);
    }

Reported by FlawFinder.

getc - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 23 Column: 18 CWE codes: 120 20 

                  sb_symbol * b = (sb_symbol *) malloc(lim * sizeof(sb_symbol));

    while(1) {
        int ch = getc(f_in);
        if (ch == EOF) {
            free(b); return;
        }
        {
            int i = 0;

Reported by FlawFinder.

getc - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 47 Column: 22 CWE codes: 120 20 

              
                b[i] = ch;
		i++;
                ch = getc(f_in);
            }

	    {
		const sb_symbol * stemmed = sb_stemmer_stem(stemmer, b, i);
                if (stemmed == NULL)

Reported by FlawFinder.