The following issues were found
src/mongo/crypto/hash_block.h
3 issues
Line: 123
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
HashType newHash;
memcpy(newHash.data(), input, inputLen);
return HashBlock(newHash);
}
static StatusWith<HashBlock> fromHexStringNoThrow(StringData hex) {
if (!hexblob::validate(hex)) {
Reported by FlawFinder.
Line: 232
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
HashType newHash;
memcpy(newHash.data(), binData.data, binData.length);
return HashBlock(newHash);
}
/**
* Make a new HashBlock from a vector of bytes representing bindata. For IDL.
Reported by FlawFinder.
Line: 244
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
uassert(ErrorCodes::UnsupportedFormat,
str::stream() << "Unsupported " << Traits::name << " hash length: " << bytes.size(),
bytes.size() == kHashLength);
memcpy(newHash.data(), bytes.data(), bytes.size());
return HashBlock(newHash);
}
/**
* Append this to a builder using the given name as a BSON BinData type value.
Reported by FlawFinder.
src/mongo/db/ftdc/varint_test.cpp
3 issues
Line: 60
}
// Test various integer combinations compress and uncompress correctly
TEST(FTDCVarIntTest, TestIntCompression) {
// Check numbers with leading 1
for (int i = 0; i < 63; i++) {
TestInt(i);
TestInt(i - 1);
}
Reported by Cppcheck.
Line: 46
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Test integer packing and unpacking
void TestInt(std::uint64_t i) {
char buf[11];
DataView dvWrite(&buf[0]);
dvWrite.write(i);
Reported by FlawFinder.
Line: 54
Column: 31
CWE codes:
120
20
ConstDataView cdvRead(&buf[0]);
std::uint64_t d = cdvRead.read<std::uint64_t>();
ASSERT_EQUALS(i, d);
}
// Test various integer combinations compress and uncompress correctly
Reported by FlawFinder.
src/third_party/unwind/dist/tests/test-mem.c
3 issues
Line: 39
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
#include <sys/resource.h>
#define panic(args...) \
{ fprintf (stderr, args); exit (-1); }
int verbose;
static void
do_backtrace (void)
Reported by FlawFinder.
Line: 79
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
unw_cursor_t cursor;
unw_context_t uc;
char string[1024];
memset (&cursor, 0, sizeof (cursor));
memset (&uc, 0, sizeof (uc));
return sprintf (string, "hello %p %p\n", &cursor, &uc);
}
Reported by FlawFinder.
Line: 83
Column: 10
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
memset (&cursor, 0, sizeof (cursor));
memset (&uc, 0, sizeof (uc));
return sprintf (string, "hello %p %p\n", &cursor, &uc);
}
int
main (int argc, char **argv UNUSED)
{
Reported by FlawFinder.
src/third_party/unwind/dist/tests/ia64-test-sig.c
3 issues
Line: 85
CWE codes:
476
{
int ch;
ch = *p; /* trigger SIGSEGV */
if (verbose)
printf ("doit: finishing execution!\n");
}
Reported by Cppcheck.
Line: 34
Column: 4
CWE codes:
134
Suggestion:
Use a constant for the format specification
#include <libunwind-ia64.h>
#define panic(args...) \
{ fprintf (stderr, args); exit (-1); }
int verbose;
static void
sighandler (int signal)
Reported by FlawFinder.
Line: 85
CWE codes:
476
{
int ch;
ch = *p; /* trigger SIGSEGV */
if (verbose)
printf ("doit: finishing execution!\n");
}
Reported by Cppcheck.
src/mongo/db/ftdc/file_writer.cpp
3 issues
Line: 51
Column: 24
CWE codes:
362
close().transitional_ignore();
}
Status FTDCFileWriter::open(const boost::filesystem::path& file) {
if (_archiveStream.is_open()) {
return {ErrorCodes::FileAlreadyOpen, "FTDCFileWriter is already open."};
}
_archiveFile = file;
Reported by FlawFinder.
Line: 60
Column: 20
CWE codes:
362
// Ideally, we create a file from scratch via O_CREAT but there is not portable way via C++
// iostreams to do this.
_archiveStream.open(_archiveFile.c_str(),
std::ios_base::out | std::ios_base::binary | std::ios_base::app);
if (!_archiveStream.is_open()) {
return Status(ErrorCodes::FileNotOpen,
"Failed to open archive file " + file.generic_string());
Reported by FlawFinder.
Line: 86
Column: 19
CWE codes:
362
std::ofstream interimStream;
// Open up a temporary interim file
interimStream.open(_interimTempFile.c_str(),
std::ios_base::out | std::ios_base::binary | std::ios_base::trunc);
if (!interimStream.is_open()) {
return Status(ErrorCodes::FileNotOpen,
"Failed to open interim file " + _interimTempFile.generic_string());
Reported by FlawFinder.
src/third_party/unwind/dist/src/x86_64/Ginit.c
3 issues
Line: 162
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef HAVE_MINCORE
static int mincore_validate (void *addr, size_t len)
{
unsigned char mvec[2]; /* Unaligned access may cross page boundary */
/* mincore could fail with EAGAIN but we conservatively return -1
instead of looping. */
if (mincore (addr, len, (char *)mvec) != 0)
{
Reported by FlawFinder.
Line: 187
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef HAVE_MINCORE
unsigned char present = 1;
unw_word_t addr = PAGE_START((unw_word_t)&present);
unsigned char mvec[1];
int ret;
while ((ret = mincore ((void*)addr, PAGE_SIZE, (char *)mvec)) == -1 &&
errno == EAGAIN) {}
if (ret == 0)
{
Reported by FlawFinder.
Line: 127
Column: 15
CWE codes:
120
20
do
{
char buf;
bytes = read (mem_validate_pipe[0], &buf, 1);
}
while ( errno == EINTR );
int valid_read = (bytes > 0 || errno == EAGAIN || errno == EWOULDBLOCK);
if (!valid_read)
Reported by FlawFinder.
src/third_party/unwind/dist/src/s390x/Ginit.c
3 issues
Line: 156
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef HAVE_MINCORE
static int mincore_validate (void *addr, size_t len)
{
unsigned char mvec[2]; /* Unaligned access may cross page boundary */
size_t i;
/* mincore could fail with EAGAIN but we conservatively return -1
instead of looping. */
if (mincore (addr, len, mvec) != 0)
Reported by FlawFinder.
Line: 187
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef HAVE_MINCORE
unsigned char present = 1;
unw_word_t addr = PAGE_START((unw_word_t)&present);
unsigned char mvec[1];
int ret;
while ((ret = mincore ((void*)addr, PAGE_SIZE, mvec)) == -1 &&
errno == EAGAIN) {}
if (ret == 0 && (mvec[0] & 1))
{
Reported by FlawFinder.
Line: 121
Column: 15
CWE codes:
120
20
do
{
char buf;
bytes = read (mem_validate_pipe[0], &buf, 1);
}
while ( errno == EINTR );
int valid_read = (bytes > 0 || errno == EAGAIN || errno == EWOULDBLOCK);
if (!valid_read)
Reported by FlawFinder.
src/third_party/unwind/dist/src/coredump/_UCD_access_mem.c
3 issues
Line: 72
Column: 12
CWE codes:
120
20
filename = phdr->backing_filename;
fileofs = addr - phdr->p_vaddr;
fd = phdr->backing_fd;
goto read;
}
filename = ui->coredump_filename;
fileofs = phdr->p_offset + (addr - phdr->p_vaddr);
fd = ui->coredump_fd;
Reported by FlawFinder.
Line: 78
Column: 2
CWE codes:
120
20
filename = ui->coredump_filename;
fileofs = phdr->p_offset + (addr - phdr->p_vaddr);
fd = ui->coredump_fd;
read:
if (lseek(fd, fileofs, SEEK_SET) != fileofs)
goto read_error;
if (read(fd, val, sizeof(*val)) != sizeof(*val))
goto read_error;
Reported by FlawFinder.
Line: 81
Column: 7
CWE codes:
120
20
read:
if (lseek(fd, fileofs, SEEK_SET) != fileofs)
goto read_error;
if (read(fd, val, sizeof(*val)) != sizeof(*val))
goto read_error;
Debug(1, "0x%llx <- [addr:0x%llx fileofs:0x%llx]\n",
(unsigned long long)(*val),
(unsigned long long)addr,
Reported by FlawFinder.
src/third_party/unwind/dist/include/libunwind_i.h
3 issues
Line: 286
Column: 7
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (_n > 16) \
_n = 16; \
fprintf (stderr, "%*c>%s: ", _n, ' ', __FUNCTION__); \
fprintf (stderr, format); \
} \
} while (0)
# define Dprintf(format...) fprintf (stderr, format)
#else
# define Debug(level,format...)
Reported by FlawFinder.
Line: 289
Column: 37
CWE codes:
134
Suggestion:
Use a constant for the format specification
fprintf (stderr, format); \
} \
} while (0)
# define Dprintf(format...) fprintf (stderr, format)
#else
# define Debug(level,format...)
# define Dprintf(format...)
#endif
Reported by FlawFinder.
Line: 298
Column: 28
CWE codes:
126
static ALWAYS_INLINE int
print_error (const char *string)
{
return write (2, string, strlen (string));
}
#define mi_init UNWI_ARCH_OBJ(mi_init)
extern void mi_init (void); /* machine-independent initializations */
Reported by FlawFinder.
src/third_party/tomcrypt-1.18.2/src/hashes/sha1.c
3 issues
Line: 250
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#else
static const struct {
const char *msg;
unsigned char hash[20];
} tests[] = {
{ "abc",
{ 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a,
0xba, 0x3e, 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c,
0x9c, 0xd0, 0xd8, 0x9d }
Reported by FlawFinder.
Line: 265
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
int i;
unsigned char tmp[20];
hash_state md;
for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
sha1_init(&md);
sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
Reported by FlawFinder.
Line: 270
Column: 70
CWE codes:
126
for (i = 0; i < (int)(sizeof(tests) / sizeof(tests[0])); i++) {
sha1_init(&md);
sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
sha1_done(&md, tmp);
if (compare_testvector(tmp, sizeof(tmp), tests[i].hash, sizeof(tests[i].hash), "SHA1", i)) {
return CRYPT_FAIL_TESTVECTOR;
}
}
Reported by FlawFinder.