The following issues were found
src/third_party/abseil-cpp-master/abseil-cpp/absl/container/btree_test.h
3 issues
Line: 64
Column: 29
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
};
inline char* GenerateDigits(char buf[16], unsigned val, unsigned maxval) {
assert(val <= maxval);
constexpr unsigned kBase = 64; // avoid integer division.
unsigned p = 15;
buf[p--] = 0;
while (maxval > 0) {
Reported by FlawFinder.
Line: 99
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int maxval;
explicit Generator(int m) : maxval(m) {}
std::string operator()(int i) const {
char buf[16];
return GenerateDigits(buf, i, maxval);
}
};
template <>
Reported by FlawFinder.
Line: 109
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int maxval;
explicit Generator(int m) : maxval(m) {}
Cord operator()(int i) const {
char buf[16];
return Cord(GenerateDigits(buf, i, maxval));
}
};
template <typename T, typename U>
Reported by FlawFinder.
src/mongo/db/exec/sbe/stages/bson_scan.cpp
3 issues
Line: 84
Column: 21
CWE codes:
362
return ctx.getAccessor(slot);
}
void BSONScanStage::open(bool reOpen) {
auto optTimer(getOptTimer(_opCtx));
_commonStats.opens++;
_bsonCurrent = _bsonBegin;
}
Reported by FlawFinder.
Line: 102
Column: 47
CWE codes:
120
20
if (auto fieldsToMatch = _fieldAccessors.size(); fieldsToMatch != 0) {
auto be = _bsonCurrent;
auto end = be + ConstDataView(be).read<LittleEndian<uint32_t>>();
// Skip document length.
be += 4;
for (auto& [name, accessor] : _fieldAccessors) {
accessor->reset();
}
Reported by FlawFinder.
Line: 127
Column: 53
CWE codes:
120
20
}
// Advance to the next document.
_bsonCurrent += ConstDataView(_bsonCurrent).read<LittleEndian<uint32_t>>();
_specificStats.numReads++;
return trackPlanState(PlanState::ADVANCED);
}
Reported by FlawFinder.
jstests/client_encrypt/lib/kms_http_control.py
3 issues
Line: 7
Column: 1
"""
import argparse
import json
import logging
import sys
import urllib.request
import ssl
Reported by Pylint.
Line: 44
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b310-urllib-urlopen
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=args.ca_file)
with urllib.request.urlopen(url_str, context=context) as f:
print(f.read().decode('utf-8'))
sys.exit(0)
Reported by Bandit.
Line: 44
Column: 62
context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=args.ca_file)
with urllib.request.urlopen(url_str, context=context) as f:
print(f.read().decode('utf-8'))
sys.exit(0)
Reported by Pylint.
src/third_party/abseil-cpp-master/abseil-cpp/absl/strings/internal/str_format/bind_test.cc
3 issues
Line: 35
}
};
TEST_F(FormatBindTest, BindSingle) {
struct Expectation {
int line;
const char *fmt;
int ok_phases;
const FormatArgImpl *arg;
Reported by Cppcheck.
Line: 30
Column: 44
CWE codes:
126
class FormatBindTest : public ::testing::Test {
public:
bool Extract(const char *s, UnboundConversion *props, int *next) const {
return ConsumeUnboundConversion(s, s + strlen(s), props, next) ==
s + strlen(s);
}
};
TEST_F(FormatBindTest, BindSingle) {
Reported by FlawFinder.
Line: 31
Column: 16
CWE codes:
126
public:
bool Extract(const char *s, UnboundConversion *props, int *next) const {
return ConsumeUnboundConversion(s, s + strlen(s), props, next) ==
s + strlen(s);
}
};
TEST_F(FormatBindTest, BindSingle) {
struct Expectation {
Reported by FlawFinder.
src/mongo/db/exec/sbe/stages/branch.cpp
3 issues
Line: 114
Column: 19
CWE codes:
362
return ctx.getAccessor(slot);
}
void BranchStage::open(bool reOpen) {
auto optTimer(getOptTimer(_opCtx));
_commonStats.opens++;
_specificStats.numTested++;
Reported by FlawFinder.
Line: 128
Column: 27
CWE codes:
362
if (tag == value::TypeTags::Boolean) {
if (value::bitcastTo<bool>(val)) {
_activeBranch = 0;
_children[0]->open(reOpen && _thenOpened);
_thenOpened = true;
++_specificStats.thenBranchOpens;
} else {
_activeBranch = 1;
_children[1]->open(reOpen && _elseOpened);
Reported by FlawFinder.
Line: 133
Column: 27
CWE codes:
362
++_specificStats.thenBranchOpens;
} else {
_activeBranch = 1;
_children[1]->open(reOpen && _elseOpened);
_elseOpened = true;
++_specificStats.elseBranchOpens;
}
for (auto& outAccessor : _outValueAccessors) {
outAccessor.setIndex(*_activeBranch);
Reported by FlawFinder.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Platform/os2.py
3 issues
Line: 34
Column: 1
#
__revision__ = "src/engine/SCons/Platform/os2.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
from . import win32
def generate(env):
if 'ENV' not in env:
env['ENV'] = {}
env['OBJPREFIX'] = ''
Reported by Pylint.
Line: 33
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
__revision__ = "src/engine/SCons/Platform/os2.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
from . import win32
def generate(env):
if 'ENV' not in env:
env['ENV'] = {}
Reported by Pylint.
Line: 36
Column: 1
__revision__ = "src/engine/SCons/Platform/os2.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
from . import win32
def generate(env):
if 'ENV' not in env:
env['ENV'] = {}
env['OBJPREFIX'] = ''
env['OBJSUFFIX'] = '.obj'
env['SHOBJPREFIX'] = '$OBJPREFIX'
Reported by Pylint.
src/third_party/abseil-cpp-master/abseil-cpp/absl/base/internal/sysinfo.cc
3 issues
Line: 124
Column: 12
CWE codes:
362
// and the memory location pointed to by value is set to the value read.
static bool ReadLongFromFile(const char *file, long *value) {
bool ret = false;
int fd = open(file, O_RDONLY);
if (fd != -1) {
char line[1024];
char *err;
memset(line, '\0', sizeof(line));
int len = read(fd, line, sizeof(line) - 1);
Reported by FlawFinder.
Line: 126
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool ret = false;
int fd = open(file, O_RDONLY);
if (fd != -1) {
char line[1024];
char *err;
memset(line, '\0', sizeof(line));
int len = read(fd, line, sizeof(line) - 1);
if (len <= 0) {
ret = false;
Reported by FlawFinder.
Line: 129
Column: 15
CWE codes:
120
20
char line[1024];
char *err;
memset(line, '\0', sizeof(line));
int len = read(fd, line, sizeof(line) - 1);
if (len <= 0) {
ret = false;
} else {
const long temp_value = strtol(line, &err, 10);
if (line[0] != '\0' && (*err == '\n' || *err == '\0')) {
Reported by FlawFinder.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Platform/sunos.py
3 issues
Line: 35
Column: 1
__revision__ = "src/engine/SCons/Platform/sunos.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
from . import posix
def generate(env):
posix.generate(env)
# Based on sunSparc 8:32bit
# ARG_MAX=1048320 - 3000 for environment expansion
Reported by Pylint.
Line: 33
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
__revision__ = "src/engine/SCons/Platform/sunos.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
from . import posix
def generate(env):
posix.generate(env)
Reported by Pylint.
Line: 37
Column: 1
from . import posix
def generate(env):
posix.generate(env)
# Based on sunSparc 8:32bit
# ARG_MAX=1048320 - 3000 for environment expansion
env['MAXLINELENGTH'] = 1045320
env['PKGINFO'] = 'pkginfo'
Reported by Pylint.
src/third_party/abseil-cpp-master/abseil-cpp/absl/base/internal/scoped_set_env_test.cc
3 issues
Line: 49
#endif
}
TEST(ScopedSetEnvTest, SetNonExistingVarToString) {
EXPECT_EQ(GetEnvVar("SCOPED_SET_ENV_TEST_VAR"), "UNSET");
{
ScopedSetEnv scoped_set("SCOPED_SET_ENV_TEST_VAR", "value");
Reported by Cppcheck.
Line: 40
Column: 23
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
return std::string(buf, get_res);
#else
const char* val = ::getenv(name);
if (val == nullptr) {
return "UNSET";
}
return val;
Reported by FlawFinder.
Line: 28
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
std::string GetEnvVar(const char* name) {
#ifdef _WIN32
char buf[1024];
auto get_res = GetEnvironmentVariableA(name, buf, sizeof(buf));
if (get_res >= sizeof(buf)) {
return "TOO_BIG";
}
Reported by FlawFinder.
src/mongo/db/exec/sbe/sbe_test.cpp
3 issues
Line: 83
}
}
TEST(SBEValues, Hash) {
auto tagInt32 = value::TypeTags::NumberInt32;
auto valInt32 = value::bitcastFrom<int32_t>(-5);
auto tagInt64 = value::TypeTags::NumberInt64;
auto valInt64 = value::bitcastFrom<int64_t>(-5);
Reported by Cppcheck.
Line: 133
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const auto secondNan = std::numeric_limits<double>::signaling_NaN();
auto getDoubleBits = [](double value) {
uint64_t bits = 0;
memcpy(&bits, &value, sizeof(value));
return bits;
};
ASSERT_NOT_EQUALS(getDoubleBits(firstNan), getDoubleBits(secondNan));
testDoubleVsDecimal(firstNan, secondNan);
}
Reported by FlawFinder.
Line: 433
Column: 24
CWE codes:
126
*/
void fillSmallStringTail(value::Value val, char pattern) {
char* rawView = value::getRawStringView(value::TypeTags::StringSmall, val);
for (auto i = std::strlen(rawView) + 1; i <= value::kSmallStringMaxLength; i++) {
rawView[i] = pattern;
}
}
} // namespace
Reported by FlawFinder.