The following issues were found
src/third_party/gperftools/dist/src/profiledata.cc
3 issues
Line: 76
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
evict_[num_evicted_++] = entry.count;
evict_[num_evicted_++] = d;
memcpy(&evict_[num_evicted_], entry.stack, d * sizeof(Slot));
num_evicted_ += d;
}
ProfileData::ProfileData()
: hash_(0),
Reported by FlawFinder.
Line: 99
Column: 12
CWE codes:
362
}
// Open output file and initialize various data structures
int fd = open(fname, O_CREAT | O_WRONLY | O_TRUNC, 0666);
if (fd < 0) {
// Can't open outfile for write
return false;
}
Reported by FlawFinder.
Line: 228
Column: 5
CWE codes:
120
state->start_time = start_time_;
state->samples_gathered = count_;
int buf_size = sizeof(state->profile_name);
strncpy(state->profile_name, fname_, buf_size);
state->profile_name[buf_size-1] = '\0';
} else {
state->enabled = false;
state->start_time = 0;
state->samples_gathered = 0;
Reported by FlawFinder.
src/third_party/gperftools/dist/src/stacktrace_powerpc-linux-inl.h
3 issues
Line: 185
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#ifdef __PPC64__
if (sigtramp64_vdso && (sigtramp64_vdso == current->return_addr)) {
struct signal_frame_64 {
char dummy[128];
ucontext_t uc;
// We don't care about the rest, since the IP value is at 'uc' field.
} *sigframe = reinterpret_cast<signal_frame_64*>(current);
result[n] = (void*) sigframe->uc.uc_mcontext.gp_regs[PT_NIP];
}
Reported by FlawFinder.
Line: 194
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#else
if (sigtramp32_vdso && (sigtramp32_vdso == current->return_addr)) {
struct signal_frame_32 {
char dummy[64];
struct sigcontext sctx;
mcontext_t mctx;
// We don't care about the rest, since IP value is at 'mctx' field.
} *sigframe = reinterpret_cast<signal_frame_32*>(current);
result[n] = (void*) sigframe->mctx.gregs[PT_NIP];
Reported by FlawFinder.
Line: 202
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
result[n] = (void*) sigframe->mctx.gregs[PT_NIP];
} else if (sigtramp32_rt_vdso && (sigtramp32_rt_vdso == current->return_addr)) {
struct rt_signal_frame_32 {
char dummy[64 + 16];
siginfo_t info;
ucontext_t uc;
// We don't care about the rest, since IP value is at 'uc' field.A
} *sigframe = reinterpret_cast<rt_signal_frame_32*>(current);
result[n] = (void*) sigframe->uc.uc_mcontext.uc_regs->gregs[PT_NIP];
Reported by FlawFinder.
src/third_party/gperftools/dist/src/base/low_level_alloc.cc
3 issues
Line: 126
Column: 62
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// term, so first-fit searches touch fewer nodes. "level" is clipped so
// level<kMaxLevel and next[level-1] will fit in the node.
// 0 < LLA_SkiplistLevels(x,y,false) <= LLA_SkiplistLevels(x,y,true) < kMaxLevel
static int LLA_SkiplistLevels(size_t size, size_t base, bool random) {
// max_fit is the maximum number of levels that will fit in a node for the
// given size. We can't return more than max_fit, no matter what the
// random number generator says.
int max_fit = (size-OFFSETOF_MEMBER(AllocList, next)) / sizeof (AllocList *);
int level = IntLog2(size, base) + (random? Random() : 1);
Reported by FlawFinder.
Line: 131
Column: 38
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// given size. We can't return more than max_fit, no matter what the
// random number generator says.
int max_fit = (size-OFFSETOF_MEMBER(AllocList, next)) / sizeof (AllocList *);
int level = IntLog2(size, base) + (random? Random() : 1);
if (level > max_fit) level = max_fit;
if (level > kMaxLevel-1) level = kMaxLevel - 1;
RAW_CHECK(level >= 1, "block not big enough for even one level");
return level;
}
Reported by FlawFinder.
Line: 543
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static DefaultPagesAllocator *default_pages_allocator;
static union {
char chars[sizeof(DefaultPagesAllocator)];
void *ptr;
} debug_pages_allocator_space;
LowLevelAlloc::PagesAllocator *LowLevelAlloc::GetDefaultPagesAllocator(void) {
if (default_pages_allocator) {
Reported by FlawFinder.
src/mongo/s/chunk_manager_targeter.cpp
3 issues
Line: 596
CWE codes:
587
LOGV2_DEBUG(22912,
4,
"ChunkManagerTargeter checking if refresh is needed",
"couldNotTarget"_attr = _lastError.get() == LastErrorType::kCouldNotTarget,
"staleShardVersion"_attr = _lastError.get() == LastErrorType::kStaleShardVersion,
"staleDbVersion"_attr = _lastError.get() == LastErrorType::kStaleDbVersion);
// Get the latest metadata information from the cache if there were issues
auto lastManager = *_cm;
Reported by Cppcheck.
Line: 597
CWE codes:
587
4,
"ChunkManagerTargeter checking if refresh is needed",
"couldNotTarget"_attr = _lastError.get() == LastErrorType::kCouldNotTarget,
"staleShardVersion"_attr = _lastError.get() == LastErrorType::kStaleShardVersion,
"staleDbVersion"_attr = _lastError.get() == LastErrorType::kStaleDbVersion);
// Get the latest metadata information from the cache if there were issues
auto lastManager = *_cm;
_init(opCtx);
Reported by Cppcheck.
Line: 598
CWE codes:
587
"ChunkManagerTargeter checking if refresh is needed",
"couldNotTarget"_attr = _lastError.get() == LastErrorType::kCouldNotTarget,
"staleShardVersion"_attr = _lastError.get() == LastErrorType::kStaleShardVersion,
"staleDbVersion"_attr = _lastError.get() == LastErrorType::kStaleDbVersion);
// Get the latest metadata information from the cache if there were issues
auto lastManager = *_cm;
_init(opCtx);
auto metadataChanged = isMetadataDifferent(lastManager, *_cm);
Reported by Cppcheck.
src/third_party/gperftools/dist/src/base/sysinfo.h
3 issues
Line: 106
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#else // a one-line buffer is good enough
static const size_t kBufSize = PATH_MAX + 1024;
#endif
char buf_[kBufSize];
};
// Create a new iterator for the specified pid. pid can be 0 for "self".
explicit ProcMapsIterator(pid_t pid);
Reported by FlawFinder.
Line: 211
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int current_load_cmd_; // the segment of this dll we're examining
#elif defined(__sun__) // Solaris
int fd_;
char current_filename_[PATH_MAX];
#else
int fd_; // filehandle on /proc/*/maps
#endif
pid_t pid_;
char flags_[10];
Reported by FlawFinder.
Line: 216
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int fd_; // filehandle on /proc/*/maps
#endif
pid_t pid_;
char flags_[10];
Buffer* dynamic_buffer_; // dynamically-allocated Buffer
bool using_maps_backing_; // true if we are looking at maps_backing instead of maps.
};
#endif /* #ifndef SWIG */
Reported by FlawFinder.
src/third_party/boost/libs/log/src/setup/init_from_settings.cpp
3 issues
Line: 589
Column: 45
CWE codes:
134
Suggestion:
Use a constant format string for syslog
shared_ptr< backend_t > backend = boost::make_shared< backend_t >();
// For now we use only the default level mapping. Will add support for configuration later.
backend->set_severity_mapper(sinks::syslog::direct_severity_mapping< >(log::aux::default_attribute_names::severity()));
#if !defined(BOOST_LOG_NO_ASIO)
// Setup local and remote addresses
if (optional< string_type > local_address_param = params["LocalAddress"])
backend->set_local_address(param_cast_to_address("LocalAddress", local_address_param.get()));
Reported by FlawFinder.
Line: 186
Column: 43
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
template< typename CharT >
inline bool is_weekday(const CharT* str, std::size_t len, boost::log::basic_string_literal< CharT > const& weekday, boost::log::basic_string_literal< CharT > const& short_weekday)
{
return (len == weekday.size() && std::equal(weekday.begin(), weekday.end(), str)) ||
(len == short_weekday.size() && std::equal(short_weekday.begin(), short_weekday.end(), str));
}
//! The function extracts the file rotation time point predicate from the parameter
template< typename CharT >
Reported by FlawFinder.
Line: 187
Column: 46
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
inline bool is_weekday(const CharT* str, std::size_t len, boost::log::basic_string_literal< CharT > const& weekday, boost::log::basic_string_literal< CharT > const& short_weekday)
{
return (len == weekday.size() && std::equal(weekday.begin(), weekday.end(), str)) ||
(len == short_weekday.size() && std::equal(short_weekday.begin(), short_weekday.end(), str));
}
//! The function extracts the file rotation time point predicate from the parameter
template< typename CharT >
sinks::file::rotation_at_time_point param_cast_to_rotation_time_point(const char* param_name, std::basic_string< CharT > const& value)
Reported by FlawFinder.
src/third_party/boost/libs/locale/src/win32/api.hpp
3 issues
Line: 113
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const int de_size = 4;
static const int gr_size = 10;
wchar_t th[th_size]={0};
wchar_t de[de_size]={0};
wchar_t gr[gr_size]={0};
if( GetLocaleInfoW(lcid,LOCALE_STHOUSAND,th,th_size)==0
|| GetLocaleInfoW(lcid,LOCALE_SDECIMAL ,de,de_size)==0
Reported by FlawFinder.
Line: 114
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static const int gr_size = 10;
wchar_t th[th_size]={0};
wchar_t de[de_size]={0};
wchar_t gr[gr_size]={0};
if( GetLocaleInfoW(lcid,LOCALE_STHOUSAND,th,th_size)==0
|| GetLocaleInfoW(lcid,LOCALE_SDECIMAL ,de,de_size)==0
|| GetLocaleInfoW(lcid,LOCALE_SGROUPING,gr,gr_size)==0)
Reported by FlawFinder.
Line: 115
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wchar_t th[th_size]={0};
wchar_t de[de_size]={0};
wchar_t gr[gr_size]={0};
if( GetLocaleInfoW(lcid,LOCALE_STHOUSAND,th,th_size)==0
|| GetLocaleInfoW(lcid,LOCALE_SDECIMAL ,de,de_size)==0
|| GetLocaleInfoW(lcid,LOCALE_SGROUPING,gr,gr_size)==0)
{
Reported by FlawFinder.
src/third_party/boost/libs/locale/src/shared/format.cpp
3 issues
Line: 78
Column: 33
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
break;
}
if(i==key.size()) {
d->position=atoi(key.c_str()) - 1;
return;
}
if(key=="num" || key=="number") {
as::number(ios_);
Reported by FlawFinder.
Line: 162
Column: 32
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
else if(key=="timezone" || key=="tz")
ios_info::get(ios_).time_zone(value);
else if(key=="w" || key=="width")
ios_.width(atoi(value.c_str()));
else if(key=="p" || key=="precision")
ios_.precision(atoi(value.c_str()));
else if(key=="locale") {
if(!d->restore_locale) {
d->saved_locale=ios_.getloc();
Reported by FlawFinder.
Line: 164
Column: 36
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
else if(key=="w" || key=="width")
ios_.width(atoi(value.c_str()));
else if(key=="p" || key=="precision")
ios_.precision(atoi(value.c_str()));
else if(key=="locale") {
if(!d->restore_locale) {
d->saved_locale=ios_.getloc();
d->restore_locale=true;
}
Reported by FlawFinder.
site_scons/site_tools/xcode.py
3 issues
Line: 1
Column: 1
# Copyright 2020 MongoDB Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
Reported by Pylint.
Line: 26
Column: 1
import os
def exists(env):
return env.Detect("xcrun")
def generate(env):
if not exists(env):
Reported by Pylint.
Line: 30
Column: 1
return env.Detect("xcrun")
def generate(env):
if not exists(env):
return
if "DEVELOPER_DIR" in os.environ:
env["ENV"]["DEVELOPER_DIR"] = os.environ["DEVELOPER_DIR"]
Reported by Pylint.
src/third_party/boost/libs/locale/src/encoding/conv.hpp
3 issues
Line: 72
Column: 34
CWE codes:
362
typedef std::string string_type;
virtual bool open(char const *to_charset,char const *from_charset,method_type how) = 0;
virtual std::string convert(char const *begin,char const *end) = 0;
virtual ~converter_between()
{
Reported by FlawFinder.
Line: 88
Column: 34
CWE codes:
362
typedef std::basic_string<char_type> string_type;
virtual bool open(char const *charset,method_type how) = 0;
virtual std::string convert(CharType const *begin,CharType const *end) = 0;
virtual ~converter_from_utf()
{
Reported by FlawFinder.
Line: 104
Column: 34
CWE codes:
362
typedef std::basic_string<char_type> string_type;
virtual bool open(char const *charset,method_type how) = 0;
virtual string_type convert(char const *begin,char const *end) = 0;
virtual ~converter_to_utf()
{
Reported by FlawFinder.