The following issues were found
src/third_party/boost/boost/regex/v4/u32regex_iterator.hpp
2 issues
Line: 153
Column: 52
CWE codes:
126
inline u32regex_iterator<const char*> make_u32regex_iterator(const char* p, const u32regex& e, regex_constants::match_flag_type m = regex_constants::match_default)
{
return u32regex_iterator<const char*>(p, p+std::strlen(p), e, m);
}
#ifndef BOOST_NO_WREGEX
inline u32regex_iterator<const wchar_t*> make_u32regex_iterator(const wchar_t* p, const u32regex& e, regex_constants::match_flag_type m = regex_constants::match_default)
{
return u32regex_iterator<const wchar_t*>(p, p+std::wcslen(p), e, m);
Reported by FlawFinder.
Line: 158
Column: 55
CWE codes:
126
#ifndef BOOST_NO_WREGEX
inline u32regex_iterator<const wchar_t*> make_u32regex_iterator(const wchar_t* p, const u32regex& e, regex_constants::match_flag_type m = regex_constants::match_default)
{
return u32regex_iterator<const wchar_t*>(p, p+std::wcslen(p), e, m);
}
#endif
#if !defined(BOOST_REGEX_UCHAR_IS_WCHAR_T)
inline u32regex_iterator<const UChar*> make_u32regex_iterator(const UChar* p, const u32regex& e, regex_constants::match_flag_type m = regex_constants::match_default)
{
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/cstring.c
2 issues
Line: 157
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
U_CAPI int32_t U_EXPORT2
T_CString_integerToString(char* buffer, int32_t v, int32_t radix)
{
char tbuf[30];
int32_t tbx = sizeof(tbuf);
uint8_t digit;
int32_t length = 0;
uint32_t uval;
Reported by FlawFinder.
Line: 195
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
U_CAPI int32_t U_EXPORT2
T_CString_int64ToString(char* buffer, int64_t v, uint32_t radix)
{
char tbuf[30];
int32_t tbx = sizeof(tbuf);
uint8_t digit;
int32_t length = 0;
uint64_t uval;
Reported by FlawFinder.
src/third_party/boost/boost/random/independent_bits.hpp
2 issues
Line: 33
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#include <boost/random/detail/signed_unsigned_tools.hpp>
namespace boost {
namespace random {
/**
* An instantiation of class template @c independent_bits_engine
* model a \pseudo_random_number_generator. It generates random
* numbers distributed between [0, 2^w) by combining one or
Reported by FlawFinder.
Line: 242
Column: 29
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
private:
/// \cond show_private
typedef typename boost::random::traits::make_unsigned<base_result_type>::type base_unsigned;
static BOOST_CONSTEXPR UIntType max_imp(const boost::true_type&)
{
return boost::low_bits_mask_t<w>::sig_bits;
}
Reported by FlawFinder.
src/third_party/boost/boost/multiprecision/number.hpp
2 issues
Line: 2043
Column: 7
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
if (!result.size())
state |= std::ios_base::failbit;
is.setstate(state);
return result;
}
} // namespace detail
Reported by FlawFinder.
Line: 2080
Column: 10
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
r.assign(s);
}
else if (!is.fail())
is.setstate(std::istream::failbit);
return is;
}
template <class Backend, expression_template_option ExpressionTemplates>
BOOST_MP_FORCEINLINE BOOST_MP_CXX14_CONSTEXPR void swap(number<Backend, ExpressionTemplates>& a, number<Backend, ExpressionTemplates>& b)
Reported by FlawFinder.
src/third_party/boost/boost/serialization/serialization.hpp
2 issues
Line: 59
Column: 5
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
inline void serialize(
Archive & ar, T & t, const unsigned int file_version
){
access::serialize(ar, t, static_cast<unsigned int>(file_version));
}
// save data required for construction
template<class Archive, class T>
inline void save_construct_data(
Reported by FlawFinder.
Line: 83
Column: 5
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
// default just uses the default constructor. going
// through access permits usage of otherwise private default
// constructor
access::construct(t);
}
/////////////////////////////////////////////////////////////////////////////
// layer 3 - move call into serialization namespace so that ADL will function
// in the manner we desire.
Reported by FlawFinder.
src/third_party/boost/boost/serialization/split_member.hpp
2 issues
Line: 43
Column: 13
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
const T & t,
const unsigned int file_version
){
access::member_save(ar, t, file_version);
}
};
template<class Archive, class T>
struct member_loader {
Reported by FlawFinder.
Line: 54
Column: 13
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
T & t,
const unsigned int file_version
){
access::member_load(ar, t, file_version);
}
};
} // detail
Reported by FlawFinder.
src/third_party/boost/boost/smart_ptr/atomic_shared_ptr.hpp
2 issues
Line: 76
Column: 14
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
atomic_shared_ptr() BOOST_SP_NOEXCEPT
{
boost::detail::spinlock init = BOOST_DETAIL_SPINLOCK_INIT;
std::memcpy( &l_, &init, sizeof( init ) );
}
atomic_shared_ptr( shared_ptr<T> p ) BOOST_SP_NOEXCEPT
#if !defined( BOOST_NO_CXX11_RVALUE_REFERENCES )
: p_( std::move( p ) )
Reported by FlawFinder.
Line: 87
Column: 14
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#endif
{
boost::detail::spinlock init = BOOST_DETAIL_SPINLOCK_INIT;
std::memcpy( &l_, &init, sizeof( init ) );
}
#endif
atomic_shared_ptr& operator=( shared_ptr<T> r ) BOOST_SP_NOEXCEPT
Reported by FlawFinder.
src/third_party/boost/boost/multiprecision/detail/constexpr.hpp
2 issues
Line: 50
Column: 15
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if constexpr (std::is_pointer<InputIterator>::value && std::is_pointer<OutputIterator>::value && std::is_trivially_copyable<typename std::remove_reference<decltype(*first)>::type>::value)
{
// The normal runtime branch:
std::memcpy(result, first, (last - first) * sizeof(*first));
return result + (last - first);
}
else
#endif
{
Reported by FlawFinder.
Line: 69
Column: 35
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
}
template <class I>
inline BOOST_CXX14_CONSTEXPR bool equal(const I* first, const I* last, const I* other)
{
while (first != last)
{
if (*first != *other)
return false;
Reported by FlawFinder.
src/third_party/boost/boost/multiprecision/cpp_int/import_export.hpp
2 issues
Line: 135
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
cpp_int_backend<MinBits, MaxBits, SignType, Checked, Allocator>& result = val.backend();
result.resize(static_cast<unsigned>(limb_len), static_cast<unsigned>(limb_len)); // checked types may throw here if they're not large enough to hold the data!
result.limbs()[result.size() - 1] = 0u;
std::memcpy(result.limbs(), i, (std::min)(byte_len, result.size() * sizeof(limb_type)));
result.normalize(); // In case data has leading zeros.
return val;
}
template <unsigned MinBits, unsigned MaxBits, cpp_integer_type SignType, cpp_int_check_type Checked, class Allocator, expression_template_option ExpressionTemplates, class T>
inline typename std::enable_if<boost::multiprecision::backends::is_trivial_cpp_int<cpp_int_backend<MinBits, MaxBits, SignType, Checked, Allocator> >::value, number<cpp_int_backend<MinBits, MaxBits, SignType, Checked, Allocator>, ExpressionTemplates>&>::type
Reported by FlawFinder.
Line: 151
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
++limb_len;
result.limbs()[0] = 0u;
result.resize(static_cast<unsigned>(limb_len), static_cast<unsigned>(limb_len)); // checked types may throw here if they're not large enough to hold the data!
std::memcpy(result.limbs(), i, (std::min)(byte_len, result.size() * sizeof(result.limbs()[0])));
result.normalize(); // In case data has leading zeros.
return val;
}
} // namespace detail
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/devtools/rootAnalysis/t/hazards/source.cpp
2 issues
Line: 90
CWE codes:
562
// Hazard in return value due to ~GCInDestructor
Cell* cell6 = &cell;
return cell6;
}
Cell* copy_and_gc(Cell* src)
{
GC();
Reported by Cppcheck.
Line: 120
CWE codes:
908
// No hazard: haz1 is not live during call to copy_and_gc.
Cell* haz1;
for (int i = 0; i < 10; i++) {
haz1 = copy_and_gc(haz1);
}
// No hazard: haz2 is live up to just before the GC, and starting at the
// next statement after it, but not across the GC.
Cell* haz2 = &cell;
Reported by Cppcheck.