The following issues were found
src/mongo/dbtests/threadedtests.cpp
3 issues
Line: 174
Column: 5
CWE codes:
119
120
Suggestion:
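Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Line 174 in this excerpt is the fixed-size member declaration `char pad1[128];` (the findings at lines 176 and 178 are the sibling `pad2` and `pad3` arrays). The excerpt shows no code that writes to these arrays, so confirm whether anything ever copies data into them before treating the finding as an overflow.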
private:
whichmutex m;
char pad1[128];
unsigned a, b;
char pad2[128];
unsigned locks;
char pad3[128];
AtomicWord<int> k;
Reported by FlawFinder.
Line: 176
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
whichmutex m;
char pad1[128];
unsigned a, b;
char pad2[128];
unsigned locks;
char pad3[128];
AtomicWord<int> k;
virtual void validate() {
Reported by FlawFinder.
Line: 178
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
unsigned a, b;
char pad2[128];
unsigned locks;
char pad3[128];
AtomicWord<int> k;
virtual void validate() {
if (once++ == 0) {
// <= 1.35 we use a different rwmutex impl so worth noting
Reported by FlawFinder.
src/mongo/dbtests/storage_timestamp_tests.cpp
3 issues
Line: 587
CWE codes:
562
ASSERT(collAndIdxIdents.size() == 1 || collAndIdxIdents.size() == 2);
if (collAndIdxIdents.size() == 1) {
// `system.profile` collections do not have an `_id` index.
return std::tie(collAndIdxIdents[0], "");
}
if (collAndIdxIdents.size() == 2) {
// The idents are sorted, so the `collection-...` comes before `index-...`
return std::tie(collAndIdxIdents[0], collAndIdxIdents[1]);
}
Reported by Cppcheck.
Line: 591
CWE codes:
562
}
if (collAndIdxIdents.size() == 2) {
// The idents are sorted, so the `collection-...` comes before `index-...`
return std::tie(collAndIdxIdents[0], collAndIdxIdents[1]);
}
MONGO_UNREACHABLE;
}
Reported by Cppcheck.
Line: 3314
Column: 30
CWE codes:
120
20
.timestamp();
{
Lock::GlobalRead read(_opCtx);
AutoGetCollection autoColl(_opCtx, systemViewsNss, LockMode::MODE_IS);
RecordId catalogId = autoColl.getCollection()->getCatalogId();
auto systemViewsMd = getMetaDataAtTime(
durableCatalog, catalogId, Timestamp(systemViewsCreateTs.asULL() - 1));
Reported by FlawFinder.
src/third_party/boost/boost/system/detail/generic_category_message.hpp
3 issues
Line: 20
Column: 11
CWE codes:
78
Suggestion:
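try using a library call that implements the same functionality if available. In this excerpt the token at line 20, column 11 is the namespace name in `namespace system`, not a call to the `system()` function, so no command is executed at this location.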
namespace boost
{
namespace system
{
namespace detail
{
Reported by FlawFinder.
Line: 47
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Returns, as a std::string, whatever the three-argument overload produces for `ev`,
// using a local scratch buffer as that overload's working storage.
inline std::string generic_error_category_message( int ev )
{
// Fixed 128-byte stack buffer; this declaration is what FlawFinder reports as CWE-119/120.
char buffer[ 128 ];
// The buffer is passed together with its capacity (sizeof), so the callee is told the
// exact limit. NOTE(review): the three-argument overload is not visible in this excerpt;
// confirm it never writes more than `len` bytes. The result is converted to the
// std::string return value, which owns its own copy of the text.
return generic_error_category_message( ev, buffer, sizeof( buffer ) );
}
#else // #if defined(__GLIBC__)
Reported by FlawFinder.
Line: 88
Column: 10
CWE codes:
120
if( m == 0 ) return "Unknown error";
std::strncpy( buffer, m, len - 1 );
buffer[ len-1 ] = 0;
return buffer;
}
Reported by FlawFinder.
src/mongo/dbtests/query_stage_merge_sort.cpp
3 issues
Line: 380
CWE codes:
758
insert(BSON("b" << 1 << "c" << i));
}
BSONObj firstIndex = BSON("a" << 1 << "c" << -1);
BSONObj secondIndex = BSON("b" << 1 << "c" << -1);
addIndex(firstIndex);
addIndex(secondIndex);
Reported by Cppcheck.
Line: 381
CWE codes:
758
}
BSONObj firstIndex = BSON("a" << 1 << "c" << -1);
BSONObj secondIndex = BSON("b" << 1 << "c" << -1);
addIndex(firstIndex);
addIndex(secondIndex);
unique_ptr<WorkingSet> ws = make_unique<WorkingSet>();
Reported by Cppcheck.
Line: 389
CWE codes:
758
unique_ptr<WorkingSet> ws = make_unique<WorkingSet>();
// Sort by c:-1
MergeSortStageParams msparams;
msparams.pattern = BSON("c" << -1);
auto ms = std::make_unique<MergeSortStage>(_expCtx.get(), msparams, ws.get());
// a:1
auto params = makeIndexScanParams(&_opCtx, coll, getIndex(firstIndex, coll));
params.bounds.startKey = objWithMaxKey(1);
Reported by Cppcheck.
src/mongo/dbtests/query_stage_collscan.cpp
3 issues
Line: 213
// Go forwards, get everything.
// Asserts that countResults() for CollectionScanParams::FORWARD with a default-constructed
// BSONObj equals numObj().
// NOTE(review): numObj() and countResults() are fixture helpers not shown in this excerpt;
// presumably they return the number of inserted documents and the number of scanned results.
TEST_F(QueryStageCollectionScanTest, QueryStageCollscanBasicForward) {
ASSERT_EQUALS(numObj(), countResults(CollectionScanParams::FORWARD, BSONObj()));
}
// Go backwards, get everything.
TEST_F(QueryStageCollectionScanTest, QueryStageCollscanBasicBackward) {
Reported by Cppcheck.
Line: 699
Column: 23
CWE codes:
134
Suggestion:
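Make format string constant. In this excerpt the format argument to `fmt::sprintf` is already the string literal on the following line, and the two `%s` values come from the `OID().toString()` calls shown. The finding at line 761 shows the same call.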
// Provide RecordId bounds with exclusive filters.
StatusWithMatchExpression swMatch = MatchExpressionParser::parse(
fromjson(fmt::sprintf(
"{_id: {$gt: ObjectId('%s'), $lt: ObjectId('%s')}}",
record_id_helpers::toBSONAs(*params.minRecord, "").firstElement().OID().toString(),
record_id_helpers::toBSONAs(*params.maxRecord, "").firstElement().OID().toString())),
_expCtx.get());
ASSERT_OK(swMatch.getStatus());
Reported by FlawFinder.
Line: 761
Column: 23
CWE codes:
134
Suggestion:
Make format string constant
// Provide RecordId bounds with exclusive filters.
StatusWithMatchExpression swMatch = MatchExpressionParser::parse(
fromjson(fmt::sprintf(
"{_id: {$gt: ObjectId('%s'), $lt: ObjectId('%s')}}",
record_id_helpers::toBSONAs(*params.minRecord, "").firstElement().OID().toString(),
record_id_helpers::toBSONAs(*params.maxRecord, "").firstElement().OID().toString())),
_expCtx.get());
ASSERT_OK(swMatch.getStatus());
Reported by FlawFinder.
src/third_party/boost/boost/log/utility/ipc/reliable_message_queue.hpp
3 issues
Line: 227
Column: 15
CWE codes:
362
) :
m_impl(NULL)
{
this->open(name, oflow_policy, perms);
}
/*!
* Constructor with named parameters. The method is used to construct an object and create or open
* the associated message queue. The constructed object will be in running state if the message queue is
Reported by FlawFinder.
Line: 371
Column: 24
CWE codes:
362
* if the queue implementation has to create system objects while operating.
* This parameter is currently not used on POSIX systems.
*/
BOOST_LOG_API void open
(
object_name const& name,
overflow_policy oflow_policy = block_on_overflow,
permissions const& perms = permissions()
);
Reported by FlawFinder.
Line: 740
Column: 15
CWE codes:
362
//! Open-only construction path: forwards the named arguments in \c args to open().
//! With the Boost.Parameter <tt>keyword | default</tt> syntax used below, the overflow policy
//! falls back to \c block_on_overflow and the permissions to a default-constructed
//! \c permissions object when the caller does not supply them.
// NOTE(review): the `open` token reported at this line (CWE-362) is this class's own member
// function, called through `this->`. What it does with the queue name is implemented
// elsewhere and is not visible in this excerpt.
template< typename ArgsT >
void construct_dispatch(open_mode::open_only_tag, ArgsT const& args)
{
this->open(args[keywords::name], args[keywords::overflow_policy | block_on_overflow], args[keywords::permissions | permissions()]);
}
//! Closes the message queue, if it's open
BOOST_LOG_API void do_close() BOOST_NOEXCEPT;
Reported by FlawFinder.
src/third_party/boost/boost/mpl/equal.hpp
3 issues
Line: 100
Column: 8
CWE codes:
126
Suggestion:
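This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. At line 100, column 8 the flagged token in this excerpt is the name of the template `struct equal`, a type declaration rather than a call that takes iterators.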
, typename BOOST_MPL_AUX_NA_PARAM(Sequence2)
, typename Predicate = is_same<_,_>
>
struct equal
: aux::msvc_eti_base<
typename aux::equal_impl<Sequence1,Sequence2,Predicate>::type
>::type
{
BOOST_MPL_AUX_LAMBDA_SUPPORT(2,equal,(Sequence1,Sequence2))
Reported by FlawFinder.
Line: 105
Column: 36
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
typename aux::equal_impl<Sequence1,Sequence2,Predicate>::type
>::type
{
BOOST_MPL_AUX_LAMBDA_SUPPORT(2,equal,(Sequence1,Sequence2))
};
BOOST_MPL_AUX_NA_SPEC(2, equal)
}}
Reported by FlawFinder.
Line: 108
Column: 26
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
BOOST_MPL_AUX_LAMBDA_SUPPORT(2,equal,(Sequence1,Sequence2))
};
BOOST_MPL_AUX_NA_SPEC(2, equal)
}}
#endif // BOOST_MPL_EQUAL_HPP_INCLUDED
Reported by FlawFinder.
buildscripts/resmokelib/powercycle/lib/__init__.py
3 issues
Line: 8
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import getpass
import shlex
import stat
import subprocess
import sys
import yaml
from buildscripts.resmokelib.plugin import Subcommand
Reported by Bandit.
Line: 48
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
def _call(cmd):
    """Run a command line and return ``(exit_code, output)``.

    ``cmd`` is a single string. It is tokenised with ``shlex.split`` and the
    resulting list is handed to ``subprocess.Popen`` without ``shell=True``,
    so no shell interprets the string. The content of ``cmd`` is still
    whatever the caller supplies.

    ``output`` is the child's stdout and stderr combined, decoded as UTF-8
    with undecodable bytes replaced.
    """
    argv = shlex.split(cmd)
    # stderr is folded into stdout so one buffer holds everything for logging.
    child = subprocess.Popen(argv, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
    raw_output = child.communicate()[0]
    text = raw_output.decode("utf-8", "replace")
    # communicate() has already waited for the child, so poll() yields its exit code.
    return child.poll(), text
Reported by Bandit.
Line: 77
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b603_subprocess_without_shell_equals_true.html
LOGGER.debug("Executing '%s'", cmd)
try:
proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
output, _ = proc.communicate()
output = output.decode("utf-8", "replace")
error_code = proc.returncode
if error_code:
output = "Error executing cmd {}: {}".format(cmd, output)
Reported by Bandit.
src/mongo/dbtests/jsobjtests.cpp
3 issues
Line: 1779
Column: 13
CWE codes:
120
Suggestion:
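Make sure destination can always hold the source data. In this excerpt the destination `crap` is allocated with `x.objsize()` bytes on the preceding line, and the `memcpy` length is the same `x.objsize()`.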
BSONObj x = BSON("_id" << 5 << "t" << 2);
{
char* crap = (char*)mongoMalloc(x.objsize());
memcpy(crap, x.objdata(), x.objsize());
BSONObj y(crap);
ASSERT_BSONOBJ_EQ(x, y);
free(crap);
}
Reported by FlawFinder.
Line: 1787
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
char* crap = (char*)mongoMalloc(x.objsize());
memcpy(crap, x.objdata(), x.objsize());
int* foo = (int*)crap;
foo[0] = 123123123;
int state = 0;
try {
BSONObj y(crap);
Reported by FlawFinder.
Line: 1658
Column: 26
CWE codes:
126
BSONObjIteratorSorted j(o);
int l = 0;
while (j.more())
l += strlen(j.next().fieldName());
}
// unsigned long long tm = t.micros();
// cout << "time: " << tm << endl;
}
Reported by FlawFinder.
src/third_party/boost/boost/iostreams/detail/streambuf/indirect_streambuf.hpp
3 issues
Line: 66
Column: 10
CWE codes:
362
public:
indirect_streambuf();
void open(const T& t BOOST_IOSTREAMS_PUSH_PARAMS());
bool is_open() const;
void close();
bool auto_close() const;
void set_auto_close(bool close);
bool strict_sync();
Reported by FlawFinder.
Line: 152
Column: 46
CWE codes:
362
//--------------Implementation of open, is_open and close---------------------//
template<typename T, typename Tr, typename Alloc, typename Mode>
void indirect_streambuf<T, Tr, Alloc, Mode>::open
(const T& t, std::streamsize buffer_size, std::streamsize pback_size)
{
using namespace std;
// Normalize buffer sizes.
Reported by FlawFinder.
Line: 256
Column: 15
CWE codes:
120
20
// Read from source.
std::streamsize chars =
obj().read(buf.data() + pback_size_, buf.size() - pback_size_, next_);
if (chars == -1) {
this->set_true_eof(true);
chars = 0;
}
setg(eback(), gptr(), buf.data() + pback_size_ + chars);
Reported by FlawFinder.