The following issues were found
src/third_party/mozjs-60/extract/js/public/StructuredClone.h
3 issues
Line: 456
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
while (size > 0) {
size_t remaining = iter.RemainingInSegment();
size_t nbytes = std::min(remaining, size);
memcpy(iter.Data(), data, nbytes);
data += nbytes;
size -= nbytes;
iter.Advance(bufList_, nbytes);
}
return true;
Reported by FlawFinder.
Line: 317
Column: 27
CWE codes:
120
20
void* content, uint64_t extraData, void* closure);
struct JSStructuredCloneCallbacks {
ReadStructuredCloneOp read;
WriteStructuredCloneOp write;
StructuredCloneErrorOp reportError;
ReadTransferStructuredCloneOp readTransfer;
TransferStructuredCloneOp writeTransfer;
FreeTransferStructuredCloneOp freeTransfer;
Reported by FlawFinder.
Line: 606
Column: 10
CWE codes:
120
20
*/
void abandon() { data_.ownTransferables_ = OwnTransferablePolicy::IgnoreTransferablesIfAny; }
bool read(JSContext* cx, JS::MutableHandleValue vp,
const JSStructuredCloneCallbacks* optionalCallbacks=nullptr, void* closure=nullptr);
bool write(JSContext* cx, JS::HandleValue v,
const JSStructuredCloneCallbacks* optionalCallbacks=nullptr, void* closure=nullptr);
Reported by FlawFinder.
src/mongo/base/data_type_validated_test.cpp
3 issues
Line: 67
using std::begin;
using std::end;
TEST(DataTypeValidated, SuccessfulValidation) {
char buf[1];
{
DataRangeCursor drc(begin(buf), end(buf));
ASSERT_OK(drc.writeAndAdvanceNoThrow(Validated<char>(0xFU)));
Reported by Cppcheck.
Line: 68
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
using std::end;
TEST(DataTypeValidated, SuccessfulValidation) {
char buf[1];
{
DataRangeCursor drc(begin(buf), end(buf));
ASSERT_OK(drc.writeAndAdvanceNoThrow(Validated<char>(0xFU)));
}
Reported by FlawFinder.
Line: 84
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
TEST(DataTypeValidated, FailedValidation) {
char buf[1];
{
DataRangeCursor drc(begin(buf), end(buf));
ASSERT_NOT_OK(drc.writeAndAdvanceNoThrow(Validated<char>(0x01)));
}
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/i18n/ucal.cpp
3 issues
Line: 149
Column: 7
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
if ( caltype == UCAL_GREGORIAN ) {
char localeBuf[ULOC_LOCALE_IDENTIFIER_CAPACITY];
if ( locale == NULL ) {
locale = uloc_getDefault();
}
uprv_strncpy(localeBuf, locale, ULOC_LOCALE_IDENTIFIER_CAPACITY);
uloc_setKeywordValue("calendar", "gregorian", localeBuf, ULOC_LOCALE_IDENTIFIER_CAPACITY, status);
Reported by FlawFinder.
Line: 673
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
U_CAPI UEnumeration* U_EXPORT2
ucal_getKeywordValuesForLocale(const char * /* key */, const char* locale, UBool commonlyUsed, UErrorCode *status) {
// Resolve region
char prefRegion[ULOC_COUNTRY_CAPACITY];
(void)ulocimp_getRegionForSupplementalData(locale, TRUE, prefRegion, sizeof(prefRegion), status);
// Read preferred calendar values from supplementalData calendarPreference
UResourceBundle *rb = ures_openDirect(NULL, "supplementalData", status);
ures_getByKey(rb, "calendarPreferenceData", rb, status);
Reported by FlawFinder.
Line: 740
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return NULL;
}
ulist_resetList(values);
memcpy(en, &defaultKeywordValues, sizeof(UEnumeration));
en->context = values;
return en;
}
U_CAPI UBool U_EXPORT2
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/i18n/ulocdata.c
3 issues
Line: 227
Column: 16
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
UMeasurementSystem system = UMS_LIMIT;
if(status == NULL || U_FAILURE(*status)){
return system;
}
measurement = measurementTypeBundleForLocale(localeID, MEASUREMENT_SYSTEM, status);
system = (UMeasurementSystem) ures_getInt(measurement, status);
Reported by FlawFinder.
Line: 235
Column: 12
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
ures_close(measurement);
return system;
}
U_CAPI void U_EXPORT2
ulocdata_getPaperSize(const char* localeID, int32_t *height, int32_t *width, UErrorCode *status){
Reported by FlawFinder.
Line: 193
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
static UResourceBundle * measurementTypeBundleForLocale(const char *localeID, const char *measurementType, UErrorCode *status){
char region[ULOC_COUNTRY_CAPACITY];
UResourceBundle *rb;
UResourceBundle *measTypeBundle = NULL;
ulocimp_getRegionForSupplementalData(localeID, TRUE, region, ULOC_COUNTRY_CAPACITY, status);
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/i18n/collationruleparser.cpp
3 issues
Line: 605
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
lang.appendInvariantChars(v, errorCode);
if(errorCode == U_MEMORY_ALLOCATION_ERROR) { return; }
// BCP 47 language tag -> ICU locale ID
char localeID[ULOC_FULLNAME_CAPACITY];
int32_t parsedLength;
int32_t length = uloc_forLanguageTag(lang.data(), localeID, ULOC_FULLNAME_CAPACITY,
&parsedLength, &errorCode);
if(U_FAILURE(errorCode) ||
parsedLength != lang.length() || length >= ULOC_FULLNAME_CAPACITY) {
Reported by FlawFinder.
Line: 616
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return;
}
// localeID minus all keywords
char baseID[ULOC_FULLNAME_CAPACITY];
length = uloc_getBaseName(localeID, baseID, ULOC_FULLNAME_CAPACITY, &errorCode);
if(U_FAILURE(errorCode) || length >= ULOC_KEYWORDS_CAPACITY) {
errorCode = U_ZERO_ERROR;
setParseError("expected language tag in [import langTag]", errorCode);
return;
Reported by FlawFinder.
Line: 627
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uprv_strcpy(baseID, "root");
}
// @collation=type, or length=0 if not specified
char collationType[ULOC_KEYWORDS_CAPACITY];
length = uloc_getKeywordValue(localeID, "collation",
collationType, ULOC_KEYWORDS_CAPACITY,
&errorCode);
if(U_FAILURE(errorCode) || length >= ULOC_KEYWORDS_CAPACITY) {
errorCode = U_ZERO_ERROR;
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/uscript.c
3 issues
Line: 56
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
getCodesFromLocale(const char *locale,
UScriptCode *scripts, int32_t capacity, UErrorCode *err) {
UErrorCode internalErrorCode = U_ZERO_ERROR;
char lang[8];
char script[8];
int32_t scriptLength;
if(U_FAILURE(*err)) { return 0; }
// Multi-script languages, equivalent to the LocaleScript data
// that we used to load from locale resource bundles.
Reported by FlawFinder.
Line: 57
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
UScriptCode *scripts, int32_t capacity, UErrorCode *err) {
UErrorCode internalErrorCode = U_ZERO_ERROR;
char lang[8];
char script[8];
int32_t scriptLength;
if(U_FAILURE(*err)) { return 0; }
// Multi-script languages, equivalent to the LocaleScript data
// that we used to load from locale resource bundles.
/*length = */ uloc_getLanguage(locale, lang, UPRV_LENGTHOF(lang), &internalErrorCode);
Reported by FlawFinder.
Line: 99
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int32_t capacity,
UErrorCode* err){
UBool triedCode;
char likely[ULOC_FULLNAME_CAPACITY];
UErrorCode internalErrorCode;
int32_t length;
if(U_FAILURE(*err)) {
return 0;
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/ustr_wcs.cpp
3 issues
Line: 70
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int32_t srcLength,
UErrorCode *pErrorCode){
char stackBuffer [_STACK_BUFFER_CAPACITY];
char* tempBuf = stackBuffer;
int32_t tempBufCapacity = _STACK_BUFFER_CAPACITY;
char* tempBufLimit = stackBuffer + tempBufCapacity;
UConverter* conv = NULL;
char* saveBuf = tempBuf;
Reported by FlawFinder.
Line: 296
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
UChar uStack [_STACK_BUFFER_CAPACITY];
wchar_t wStack[_STACK_BUFFER_CAPACITY];
wchar_t* pWStack = wStack;
char cStack[_STACK_BUFFER_CAPACITY];
int32_t cStackCap = _STACK_BUFFER_CAPACITY;
Reported by FlawFinder.
Line: 300
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wchar_t* pWStack = wStack;
char cStack[_STACK_BUFFER_CAPACITY];
int32_t cStackCap = _STACK_BUFFER_CAPACITY;
char* pCSrc=cStack;
char* pCSave=pCSrc;
char* pCSrcLimit=NULL;
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/unicode/stringtriebuilder.h
3 issues
Line: 330
Column: 13
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
// Adds a unit with a final value.
void add(int32_t c, int32_t value) {
units[length]=(UChar)c;
equal[length]=NULL;
values[length]=value;
++length;
hash=(hash*37+c)*37+value;
}
// Adds a unit which leads to another match node.
Reported by FlawFinder.
Line: 338
Column: 13
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
// Adds a unit which leads to another match node.
void add(int32_t c, Node *node) {
units[length]=(UChar)c;
equal[length]=node;
values[length]=0;
++length;
hash=(hash*37+c)*37+hashCode(node);
}
protected:
Reported by FlawFinder.
Line: 344
Column: 15
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
hash=(hash*37+c)*37+hashCode(node);
}
protected:
Node *equal[kMaxBranchLinearSubNodeLength]; // NULL means "has final value".
int32_t length;
int32_t values[kMaxBranchLinearSubNodeLength];
UChar units[kMaxBranchLinearSubNodeLength];
};
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/udata.cpp
3 issues
Line: 1410
Column: 59
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
U_CAPI void U_EXPORT2 udata_setFileAccess(UDataFileAccess access, UErrorCode * /*status*/)
{
// Note: this function is documented as not thread safe.
gDataFileAccess = access;
}
Reported by FlawFinder.
Line: 1413
Column: 23
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
U_CAPI void U_EXPORT2 udata_setFileAccess(UDataFileAccess access, UErrorCode * /*status*/)
{
// Note: this function is documented as not thread safe.
gDataFileAccess = access;
}
Reported by FlawFinder.
Line: 753
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#if defined(OS390_STUBDATA) && defined(OS390BATCH)
if (!UDataMemory_isLoaded(&tData)) {
char ourPathBuffer[1024];
/* One more chance, for extendCommonData() */
uprv_strncpy(ourPathBuffer, path, 1019);
ourPathBuffer[1019]=0;
uprv_strcat(ourPathBuffer, ".dat");
uprv_mapFile(&tData, ourPathBuffer);
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/ucnv_bld.h
3 issues
Line: 68
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct UConverterStaticData { /* +offset: size */
uint32_t structSize; /* +0: 4 Size of this structure */
char name
[UCNV_MAX_CONVERTER_NAME_LENGTH]; /* +4: 60 internal name of the converter- invariant chars */
int32_t codepage; /* +64: 4 codepage # (now IBM-$codepage) */
int8_t platform; /* +68: 1 platform of the converter (only IBM now) */
Reported by FlawFinder.
Line: 221
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint8_t subChar1; /* single-byte substitution character if different from subChar */
UBool useSubChar1;
char invalidCharBuffer[UCNV_MAX_CHAR_LEN]; /* bytes from last error/callback situation */
uint8_t charErrorBuffer[UCNV_ERROR_BUFFER_LENGTH]; /* codepage output from Error functions */
UChar subUChars[UCNV_MAX_SUBCHAR_LEN/U_SIZEOF_UCHAR]; /* see subChars documentation */
UChar invalidUCharBuffer[U16_MAX_LENGTH]; /* UChars from last error/callback situation */
UChar UCharErrorBuffer[UCNV_ERROR_BUFFER_LENGTH]; /* unicode output from Error functions */
Reported by FlawFinder.
Line: 233
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* store previous UChars/chars to continue partial matches */
UChar32 preFromUFirstCP; /* >=0: partial match */
UChar preFromU[UCNV_EXT_MAX_UCHARS];
char preToU[UCNV_EXT_MAX_BYTES];
int8_t preFromULength, preToULength; /* negative: replay */
int8_t preToUFirstLength; /* length of first character */
/* new fields for ICU 4.0 */
UConverterCallbackReason toUCallbackReason; /* (*fromCharErrorBehaviour) reason, set when error is detected */
Reported by FlawFinder.