The following issues were found
src/third_party/boost/boost/multi_index/detail/copy_map.hpp
2 issues
Line: 140
Column: 37
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
template<typename ValueAccess>
void clone(Node* node,ValueAccess access)
{
(spc.data()+n)->first=node;
(spc.data()+n)->second=raw_ptr<Node*>(allocate());
BOOST_TRY{
alloc_traits::construct(
Reported by FlawFinder.
Line: 147
Column: 9
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
BOOST_TRY{
alloc_traits::construct(
al_,boost::addressof((spc.data()+n)->second->value()),
access(node->value()));
}
BOOST_CATCH(...){
deallocate((spc.data()+n)->second);
BOOST_RETHROW;
}
Reported by FlawFinder.
src/third_party/boost/libs/locale/src/encoding/wconv_codepage.ipp
2 issues
Line: 197
CWE codes:
908
size_t n = sizeof(all_windows_encodings)/sizeof(all_windows_encodings[0]);
windows_encoding *begin = all_windows_encodings;
windows_encoding *end = all_windows_encodings + n;
windows_encoding *ptr = std::lower_bound(begin,end,ref);
if(ptr!=end && strcmp(ptr->name,charset.c_str())==0) {
if(ptr->was_tested) {
return ptr->codepage;
}
else if(IsValidCodePage(ptr->codepage)) {
Reported by Cppcheck.
Line: 197
CWE codes:
908
size_t n = sizeof(all_windows_encodings)/sizeof(all_windows_encodings[0]);
windows_encoding *begin = all_windows_encodings;
windows_encoding *end = all_windows_encodings + n;
windows_encoding *ptr = std::lower_bound(begin,end,ref);
if(ptr!=end && strcmp(ptr->name,charset.c_str())==0) {
if(ptr->was_tested) {
return ptr->codepage;
}
else if(IsValidCodePage(ptr->codepage)) {
Reported by Cppcheck.
src/third_party/boost/boost/random/uniform_on_sphere.hpp
2 issues
Line: 29
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#include <boost/random/normal_distribution.hpp>
namespace boost {
namespace random {
/**
* Instantiations of class template uniform_on_sphere model a
* \random_distribution. Such a distribution produces random
* numbers uniformly distributed on the unit sphere of arbitrary
Reported by FlawFinder.
Line: 284
Column: 7
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
} // namespace random
using random::uniform_on_sphere;
} // namespace boost
#endif // BOOST_RANDOM_UNIFORM_ON_SPHERE_HPP
Reported by FlawFinder.
src/third_party/boost/boost/thread/win32/once.hpp
2 issues
Line: 32
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#ifdef BOOST_NO_STDC_NAMESPACE
namespace std
{
using ::memcpy;
using ::ptrdiff_t;
}
#endif
namespace boost
Reported by FlawFinder.
Line: 124
Column: 18
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
BOOST_STATIC_ASSERT(sizeof(fixed_mutex_name) ==
(sizeof(once_char_type)*(once_mutex_name_fixed_length+1)));
std::memcpy(mutex_name,fixed_mutex_name,sizeof(fixed_mutex_name));
detail::int_to_string(reinterpret_cast<std::ptrdiff_t>(flag_address),
mutex_name + once_mutex_name_fixed_length);
detail::int_to_string(winapi::GetCurrentProcessId(),
mutex_name + once_mutex_name_fixed_length + sizeof(void*)*2);
}
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/gc/StoreBuffer.cpp
2 issues
Line: 29
Column: 28
CWE codes:
120
20
return;
for (LifoAlloc::Enum e(*storage_); !e.empty();) {
unsigned size = *e.read<unsigned>();
BufferableRef* edge = e.read<BufferableRef>(size);
edge->trace(trc);
}
}
Reported by FlawFinder.
Line: 30
Column: 33
CWE codes:
120
20
for (LifoAlloc::Enum e(*storage_); !e.empty();) {
unsigned size = *e.read<unsigned>();
BufferableRef* edge = e.read<BufferableRef>(size);
edge->trace(trc);
}
}
bool
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/gc/Verifier.cpp
2 issues
Line: 716
return failures == 0;
}
JS_FRIEND_API(bool)
js::CheckGrayMarkingState(JSRuntime* rt)
{
MOZ_ASSERT(!JS::CurrentThreadIsHeapCollecting());
MOZ_ASSERT(!rt->gc.isIncrementalGCInProgress());
if (!rt->gc.areGrayBitsValid())
Reported by Cppcheck.
Line: 376
Column: 25
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
for (uint32_t i = 0; i < node->count; i++) {
EdgeValue& edge = node->edges[i];
if (!IsMarkedOrAllocated(edge)) {
char msgbuf[1024];
SprintfLiteral(msgbuf,
"[barrier verifier] Unmarked edge: %s %p '%s' edge to %s %p",
JS::GCTraceKindToAscii(node->kind), node->thing,
edge.label,
JS::GCTraceKindToAscii(edge.kind), edge.thing);
Reported by FlawFinder.
src/third_party/boost/boost/random/uniform_int.hpp
2 issues
Line: 36
Column: 28
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
* new code.
*/
template<class IntType = int>
class uniform_int : public random::uniform_int_distribution<IntType>
{
typedef random::uniform_int_distribution<IntType> base_type;
public:
class param_type : public base_type::param_type
Reported by FlawFinder.
Line: 38
Column: 13
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
template<class IntType = int>
class uniform_int : public random::uniform_int_distribution<IntType>
{
typedef random::uniform_int_distribution<IntType> base_type;
public:
class param_type : public base_type::param_type
{
public:
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/ucnv_imp.h
2 issues
Line: 46
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
(name[3]=='8' && name[4]==0)))
typedef struct {
char cnvName[UCNV_MAX_CONVERTER_NAME_LENGTH];
char locale[ULOC_FULLNAME_CAPACITY];
uint32_t options;
} UConverterNamePieces;
U_CFUNC UBool
Reported by FlawFinder.
Line: 47
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct {
char cnvName[UCNV_MAX_CONVERTER_NAME_LENGTH];
char locale[ULOC_FULLNAME_CAPACITY];
uint32_t options;
} UConverterNamePieces;
U_CFUNC UBool
ucnv_canCreateConverter(const char *converterName, UErrorCode *err);
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/ucnv_io.cpp
2 issues
Line: 554
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint32_t lastMid;
int result;
int isUnnormalized = (gMainTable.optionTable->stringNormalizationType == UCNV_IO_UNNORMALIZED);
char strippedName[UCNV_MAX_CONVERTER_NAME_LENGTH];
if (!isUnnormalized) {
if (uprv_strlen(alias) >= UCNV_MAX_CONVERTER_NAME_LENGTH) {
*pErrorCode = U_BUFFER_OVERFLOW_ERROR;
return UINT32_MAX;
Reported by FlawFinder.
Line: 1114
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int32_t
io_compareRows(const void *context, const void *left, const void *right) {
char strippedLeft[UCNV_MAX_CONVERTER_NAME_LENGTH],
strippedRight[UCNV_MAX_CONVERTER_NAME_LENGTH];
TempAliasTable *tempTable=(TempAliasTable *)context;
const char *chars=tempTable->chars;
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/ucnv_u16.c
2 issues
Line: 57
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint32_t targetCapacity, length, sourceIndex;
UChar c, trail;
char overflow[4];
source=pArgs->source;
length=(int32_t)(pArgs->sourceLimit-source);
if(length<=0) {
/* no input, nothing to do */
Reported by FlawFinder.
Line: 653
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint32_t targetCapacity, length, sourceIndex;
UChar c, trail;
char overflow[4];
source=pArgs->source;
length=(int32_t)(pArgs->sourceLimit-source);
if(length<=0) {
/* no input, nothing to do */
Reported by FlawFinder.