Line: 117 Column: 5 CWE codes: 120
Suggestion: Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)

                    SymCleanup(process);
      return 1;
    }
    strcat(search, ";" WEBSYM);
  } else {
    error = GetLastError();
    fprintf(stderr, "SymGetSearchPath returned error : %lu\n", error);
    rv = 1;                   /* An error, but not a fatal one */
    strcpy(search, WEBSYM);   /* Use a default value */

            

Line: 122 Column: 5 CWE codes: 120
Suggestion: Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)

                  error = GetLastError();
    fprintf(stderr, "SymGetSearchPath returned error : %lu\n", error);
    rv = 1;                   /* An error, but not a fatal one */
    strcpy(search, WEBSYM);   /* Use a default value */
  }
  if (!SymSetSearchPath(process, search)) {
    error = GetLastError();
    fprintf(stderr, "SymSetSearchPath returned error : %lu\n", error);
    rv = 1;                   /* An error, but not a fatal one */

            

Line: 72 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                ULONG64 module_base;
  int i;
  char* search;
  char buf[256];   /* Enough to hold one hex address, I trust! */
  int rv = 0;
  /* We may add SYMOPT_UNDNAME if --demangle is specified: */
  DWORD symopts = SYMOPT_DEFERRED_LOADS | SYMOPT_DEBUG | SYMOPT_LOAD_LINES;
  char* filename = "a.out";         /* The default if -e isn't specified */
  int print_function_name = 0;      /* Set to 1 if -f is specified */

            

Line: 112 Column: 9 CWE codes: 126

              
  search = malloc(SEARCH_CAP);
  if (SymGetSearchPath(process, search, SEARCH_CAP)) {
    if (strlen(search) + sizeof(";" WEBSYM) > SEARCH_CAP) {
      fprintf(stderr, "Search path too long\n");
      SymCleanup(process);
      return 1;
    }
    strcat(search, ";" WEBSYM);

            

Line: 137 Column: 19 CWE codes: 676
Suggestion: Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient

                // Try allocating data with a bunch of alignments and sizes
  for (int a = 1; a < 1048576; a *= 2) {
    for (int s = 0; s != -1; s = NextSize(s)) {
      void* ptr = memalign(a, s);
      CheckAlignment(ptr, a);
      Fill(ptr, s, 'x');
      CHECK(Valid(ptr, s, 'x'));
      free(ptr);


            

Line: 155 Column: 16 CWE codes: 676
Suggestion: Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient

              
  {
    // Check various corner cases
    void* p1 = memalign(1<<20, 1<<19);
    void* p2 = memalign(1<<19, 1<<19);
    void* p3 = memalign(1<<21, 1<<19);
    CheckAlignment(p1, 1<<20);
    CheckAlignment(p2, 1<<19);
    CheckAlignment(p3, 1<<21);

            

Line: 156 Column: 16 CWE codes: 676
Suggestion: Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient

                {
    // Check various corner cases
    void* p1 = memalign(1<<20, 1<<19);
    void* p2 = memalign(1<<19, 1<<19);
    void* p3 = memalign(1<<21, 1<<19);
    CheckAlignment(p1, 1<<20);
    CheckAlignment(p2, 1<<19);
    CheckAlignment(p3, 1<<21);
    Fill(p1, 1<<19, 'a');

            

Line: 157 Column: 16 CWE codes: 676
Suggestion: Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient

                  // Check various corner cases
    void* p1 = memalign(1<<20, 1<<19);
    void* p2 = memalign(1<<19, 1<<19);
    void* p3 = memalign(1<<21, 1<<19);
    CheckAlignment(p1, 1<<20);
    CheckAlignment(p2, 1<<19);
    CheckAlignment(p3, 1<<21);
    Fill(p1, 1<<19, 'a');
    Fill(p2, 1<<19, 'b');

            

Line: 159 Column: 16 CWE codes: 78
Suggestion: try using a library call that implements the same functionality if available

                      printf("FORK failed!\n");
        return 1;
      case 0:             // child
        return execl(argv[0], argv[0], NULL);   // run child with no args
      default:
        wait(NULL);       // we'll let the kids run one at a time
    }
  }


            

Line: 89 Column: 26 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

                // If you run this with whole-program heap-profiling on, than
  // IsHeapProfilerRunning should return true.
  if (!IsHeapProfilerRunning()) {
    const char* tmpdir = getenv("TMPDIR");
    if (tmpdir == NULL)
      tmpdir = "/tmp";
    mkdir(tmpdir, 0755);     // if necessary
    HeapProfilerStart((string(tmpdir) + "/start_stop").c_str());
    CHECK(IsHeapProfilerRunning());

            

Line: 108 Column: 26 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

                // If you run this with whole-program heap-profiling on, than
  // IsHeapProfilerRunning should return true.
  if (!IsHeapProfilerRunning()) {
    const char* tmpdir = getenv("TMPDIR");
    if (tmpdir == NULL)
      tmpdir = "/tmp";
    mkdir(tmpdir, 0755);     // if necessary
    HeapProfilerStart((string(tmpdir) + "/dump").c_str());
    CHECK(IsHeapProfilerRunning());

            

Line: 132 Column: 17 CWE codes: 190
Suggestion: If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)

                }
  int num_forks = 0;
  if (argc == 2) {
    num_forks = atoi(argv[1]);
  }

  TestHeapProfilerStartStopIsRunning();
  TestDumpHeapProfiler();


            

Line: 120 Column: 26 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

              class ProfileDataChecker {
 public:
  ProfileDataChecker() {
    const char* tmpdir = getenv("TMPDIR");
    if (tmpdir == NULL)
      tmpdir = "/tmp";
    mkdir(tmpdir, 0755);     // if necessary
    filename_ = string(tmpdir) + "/profiledata_unittest.tmp";
  }

            

Line: 166 Column: 21 CWE codes: 362

              string ProfileDataChecker::CheckWithSkips(const ProfileDataSlot* slots,
                                          int num_slots, const int* skips,
                                          int num_skips) {
  FileDescriptor fd(open(filename_.c_str(), O_RDONLY));
  if (fd.get() < 0)
    return "file open error";

  scoped_array<ProfileDataSlot> filedata(new ProfileDataSlot[num_slots]);
  size_t expected_bytes = num_slots * sizeof filedata[0];

            

Line: 189 Column: 21 CWE codes: 362

              }

string ProfileDataChecker::ValidateProfile() {
  FileDescriptor fd(open(filename_.c_str(), O_RDONLY));
  if (fd.get() < 0)
    return "file open error";

  struct stat statbuf;
  if (fstat(fd.get(), &statbuf) != 0)

            

Line: 81 Column: 19 CWE codes: 120 20

                ssize_t num_bytes = 0;
  while (num_bytes < count) {
    ssize_t len;
    NO_INTR(len = read(fd, buf0 + num_bytes, count - num_bytes));
    if (len < 0) {  // There was an error other than EINTR.
      return -1;
    }
    if (len == 0) {  // Reached EOF.
      break;

            

Line: 343 Column: 18 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

                    per_thread_timer_enabled_(false) {
  SpinLockHolder cl(&control_lock_);

  timer_type_ = (getenv("CPUPROFILE_REALTIME") ? ITIMER_REAL : ITIMER_PROF);
  signal_number_ = (timer_type_ == ITIMER_PROF ? SIGPROF : SIGALRM);

  // Get frequency of interrupts (if specified)
  char junk;
  const char* fr = getenv("CPUPROFILE_FREQUENCY");

            

Line: 348 Column: 20 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

              
  // Get frequency of interrupts (if specified)
  char junk;
  const char* fr = getenv("CPUPROFILE_FREQUENCY");
  if (fr != NULL && (sscanf(fr, "%u%c", &frequency_, &junk) == 1) &&
      (frequency_ > 0)) {
    // Limit to kMaxFrequency
    frequency_ = (frequency_ > kMaxFrequency) ? kMaxFrequency : frequency_;
  } else {

            

Line: 364 Column: 28 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

              #if HAVE_LINUX_SIGEV_THREAD_ID
  // Do this early because we might be overriding signal number.

  const char *per_thread = getenv("CPUPROFILE_PER_THREAD_TIMERS");
  const char *signal_number = getenv("CPUPROFILE_TIMER_SIGNAL");

  if (per_thread || signal_number) {
    if (timer_create && pthread_once) {
      CreateThreadTimerKey(&thread_timer_key);

            

Line: 365 Column: 31 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

                // Do this early because we might be overriding signal number.

  const char *per_thread = getenv("CPUPROFILE_PER_THREAD_TIMERS");
  const char *signal_number = getenv("CPUPROFILE_TIMER_SIGNAL");

  if (per_thread || signal_number) {
    if (timer_create && pthread_once) {
      CreateThreadTimerKey(&thread_timer_key);
      per_thread_timer_enabled_ = true;

            

Line: 152 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                void* Alloc(size_t size, size_t *actual_size, size_t alignment);
};
static union {
  char buf[sizeof(SbrkSysAllocator)];
  void *ptr;
} sbrk_space;

class MmapSysAllocator : public SysAllocator {
public:

            

Line: 163 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                void* Alloc(size_t size, size_t *actual_size, size_t alignment);
};
static union {
  char buf[sizeof(MmapSysAllocator)];
  void *ptr;
} mmap_space;

class DevMemSysAllocator : public SysAllocator {
public:

            

Line: 200 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                const char* names_[kMaxAllocators];
};
static union {
  char buf[sizeof(DefaultSysAllocator)];
  void *ptr;
} default_space;
static const char sbrk_name[] = "SbrkSysAllocator";
static const char mmap_name[] = "MmapSysAllocator";


            

Line: 367 Column: 18 CWE codes: 362

                }

  if (!initialized) {
    physmem_fd = open("/dev/mem", O_RDWR);
    if (physmem_fd < 0) {
      return NULL;
    }
    physmem_base = FLAGS_malloc_devmem_start*1024LL*1024LL;
    physmem_limit = FLAGS_malloc_devmem_limit*1024LL*1024LL;

            

Line: 73 Column: 29 CWE codes: 120 20

                  const char* p = _nsStart + _nsLen + 1;
    checkRead<int>(p, 2);

    return ConstDataView(p).read<LittleEndian<int32_t>>(sizeof(int32_t));
}

int DbMessage::pullInt() {
    return readAndAdvance<int32_t>();
}

            

Line: 128 Column: 14 CWE codes: 120 20

              }

template <typename T>
T DbMessage::read() const {
    checkRead<T>(_nextjsobj, 1);

    return ConstDataView(_nextjsobj).read<LittleEndian<T>>();
}


            

Line: 131 Column: 38 CWE codes: 120 20

              T DbMessage::read() const {
    checkRead<T>(_nextjsobj, 1);

    return ConstDataView(_nextjsobj).read<LittleEndian<T>>();
}

template <typename T>
T DbMessage::readAndAdvance() {
    T t = read<T>();

            

Line: 136 Column: 11 CWE codes: 120 20

              
template <typename T>
T DbMessage::readAndAdvance() {
    T t = read<T>();
    _nextjsobj += sizeof(T);
    return t;
}



            

Line: 154 Column: 35 CWE codes: 362

              }

buffered_file::buffered_file(cstring_view filename, cstring_view mode) {
  FMT_RETRY_VAL(file_, FMT_SYSTEM(fopen(filename.c_str(), mode.c_str())),
                nullptr);
  if (!file_)
    FMT_THROW(system_error(errno, "cannot open file {}", filename.c_str()));
}


            

Line: 183 Column: 33 CWE codes: 362

                fd_ = -1;
  FMT_POSIX_CALL(sopen_s(&fd_, path.c_str(), oflag, _SH_DENYNO, mode));
#  else
  FMT_RETRY(fd_, FMT_POSIX_CALL(open(path.c_str(), oflag, mode)));
#  endif
  if (fd_ == -1)
    FMT_THROW(system_error(errno, "cannot open file {}", path.c_str()));
}


            

Line: 231 Column: 19 CWE codes: 120 20

              #  endif
}

std::size_t file::read(void* buffer, std::size_t count) {
  RWResult result = 0;
  FMT_RETRY(result, FMT_POSIX_CALL(read(fd_, buffer, convert_rwcount(count))));
  if (result < 0) FMT_THROW(system_error(errno, "cannot read from file"));
  return detail::to_unsigned(result);
}

            

Line: 233 Column: 36 CWE codes: 120 20

              
std::size_t file::read(void* buffer, std::size_t count) {
  RWResult result = 0;
  FMT_RETRY(result, FMT_POSIX_CALL(read(fd_, buffer, convert_rwcount(count))));
  if (result < 0) FMT_THROW(system_error(errno, "cannot read from file"));
  return detail::to_unsigned(result);
}

std::size_t file::write(const void* buffer, std::size_t count) {

            

Line: 83 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
  // Get vendor string (issue CPUID with eax = 0)
  cpuid(eax, ebx, ecx, edx, 0);
  char vendor[13];
  memcpy(vendor, &ebx, 4);
  memcpy(vendor + 4, &edx, 4);
  memcpy(vendor + 8, &ecx, 4);
  vendor[12] = 0;


            

Line: 84 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

                // Get vendor string (issue CPUID with eax = 0)
  cpuid(eax, ebx, ecx, edx, 0);
  char vendor[13];
  memcpy(vendor, &ebx, 4);
  memcpy(vendor + 4, &edx, 4);
  memcpy(vendor + 8, &ecx, 4);
  vendor[12] = 0;

  // get feature flags in ecx/edx, and family/model in eax

            

Line: 85 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

                cpuid(eax, ebx, ecx, edx, 0);
  char vendor[13];
  memcpy(vendor, &ebx, 4);
  memcpy(vendor + 4, &edx, 4);
  memcpy(vendor + 8, &ecx, 4);
  vendor[12] = 0;

  // get feature flags in ecx/edx, and family/model in eax
  cpuid(eax, ebx, ecx, edx, 1);

            

Line: 86 Column: 3 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

                char vendor[13];
  memcpy(vendor, &ebx, 4);
  memcpy(vendor + 4, &edx, 4);
  memcpy(vendor + 8, &ecx, 4);
  vendor[12] = 0;

  // get feature flags in ecx/edx, and family/model in eax
  cpuid(eax, ebx, ecx, edx, 1);


            

Line: 166 Column: 33 CWE codes: 120 20

                      // to not be optimized away has to have external linkage

#if (_MSC_VER >= 1400)
#pragma section(".CRT$XIU",long,read)
#pragma section(".CRT$XCU",long,read)
#pragma section(".CRT$XTU",long,read)
#pragma section(".CRT$XLC",long,read)
        extern const __declspec(allocate(".CRT$XLC")) _TLSCB p_tls_callback = on_tls_callback;
        extern const __declspec(allocate(".CRT$XIU")) _PIFV_ p_tls_prepare = on_tls_prepare;

            

Line: 167 Column: 33 CWE codes: 120 20

              
#if (_MSC_VER >= 1400)
#pragma section(".CRT$XIU",long,read)
#pragma section(".CRT$XCU",long,read)
#pragma section(".CRT$XTU",long,read)
#pragma section(".CRT$XLC",long,read)
        extern const __declspec(allocate(".CRT$XLC")) _TLSCB p_tls_callback = on_tls_callback;
        extern const __declspec(allocate(".CRT$XIU")) _PIFV_ p_tls_prepare = on_tls_prepare;
        extern const __declspec(allocate(".CRT$XCU")) _PVFV_ p_process_init = on_process_init;

            

Line: 168 Column: 33 CWE codes: 120 20

              #if (_MSC_VER >= 1400)
#pragma section(".CRT$XIU",long,read)
#pragma section(".CRT$XCU",long,read)
#pragma section(".CRT$XTU",long,read)
#pragma section(".CRT$XLC",long,read)
        extern const __declspec(allocate(".CRT$XLC")) _TLSCB p_tls_callback = on_tls_callback;
        extern const __declspec(allocate(".CRT$XIU")) _PIFV_ p_tls_prepare = on_tls_prepare;
        extern const __declspec(allocate(".CRT$XCU")) _PVFV_ p_process_init = on_process_init;
        extern const __declspec(allocate(".CRT$XTU")) _PVFV_ p_process_term = on_process_term;

            

Line: 169 Column: 33 CWE codes: 120 20

              #pragma section(".CRT$XIU",long,read)
#pragma section(".CRT$XCU",long,read)
#pragma section(".CRT$XTU",long,read)
#pragma section(".CRT$XLC",long,read)
        extern const __declspec(allocate(".CRT$XLC")) _TLSCB p_tls_callback = on_tls_callback;
        extern const __declspec(allocate(".CRT$XIU")) _PIFV_ p_tls_prepare = on_tls_prepare;
        extern const __declspec(allocate(".CRT$XCU")) _PVFV_ p_process_init = on_process_init;
        extern const __declspec(allocate(".CRT$XTU")) _PVFV_ p_process_term = on_process_term;
#else