The following issues were found

src/third_party/icu4c-57.1/source/common/uresimp.h
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 51 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  UResourceDataEntry *fAlias;
    UResourceDataEntry *fPool;
    ResourceData fData; /* data for low level access */
    char fNameBuffer[3]; /* A small buffer of free space for fName. The free space is due to struct padding. */
    uint32_t fCountExisting; /* how much is this resource used */
    UErrorCode fBogus;
    /* int32_t fHashKey;*/ /* for faster access in the hashtable */
};

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 68 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  UResourceDataEntry *fTopLevelData; /* for getting the valid locale */
    char *fResPath; /* full path to the resource: "zh_TW/CollationElements/Sequence" */
    ResourceData fResData;
    char fResBuf[RES_BUFSIZE];
    int32_t fResPathLen;
    Resource fRes;
    UBool fHasFallback;
    UBool fIsTopLevel;
    uint32_t fMagic1;   /* For determining if it's a stack object */

Reported by FlawFinder.

src/third_party/boost/boost/iostreams/filter/symmetric.hpp
2 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 100 Column: 21 CWE codes: 120 20 

                  #undef BOOST_PP_LOCAL_MACRO

    template<typename Source>
    std::streamsize read(Source& src, char_type* s, std::streamsize n)
    {
        using namespace std;
        if (!(state() & f_read))
            begin_read();

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 206 Column: 42 CWE codes: 120 20 

                  template<typename Source>
    int fill(Source& src)
    {
        std::streamsize amt = iostreams::read(src, buf().data(), buf().size());
        if (amt == -1) {
            state() |= f_eof;
            return f_eof;
        }
        buf().set(0, amt);

Reported by FlawFinder.

src/third_party/boost/boost/iostreams/filter/counter.hpp
2 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 50 Column: 21 CWE codes: 120 20 

                  std::streamsize optimal_buffer_size() const { return 0; }

    template<typename Source>
    std::streamsize read(Source& src, char_type* s, std::streamsize n)
    {
        std::streamsize result = iostreams::read(src, s, n);
        if (result == -1)
            return -1;
        lines_ += std::count(s, s + result, char_traits<Ch>::newline());

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 52 Column: 45 CWE codes: 120 20 

                  template<typename Source>
    std::streamsize read(Source& src, char_type* s, std::streamsize n)
    {
        std::streamsize result = iostreams::read(src, s, n);
        if (result == -1)
            return -1;
        lines_ += std::count(s, s + result, char_traits<Ch>::newline());
        chars_ += result;
        return result;

Reported by FlawFinder.

src/third_party/boost/boost/iostreams/filter/aggregate.hpp
2 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 58 Column: 21 CWE codes: 120 20 

                  virtual ~aggregate_filter() { }

    template<typename Source>
    std::streamsize read(Source& src, char_type* s, std::streamsize n)
    {
        using namespace std;
        BOOST_ASSERT(!(state_ & f_write));
        state_ |= f_read;
        if (!(state_ & f_eof))

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 120 Column: 42 CWE codes: 120 20 

                          const std::streamsize  size = default_device_buffer_size;
            Ch                     buf[size];
            std::streamsize        amt;
            if ((amt = boost::iostreams::read(src, buf, size)) == -1)
                break;
            data.insert(data.end(), buf, buf + amt);
        }
        do_filter(data, data_);
        state_ |= f_eof;

Reported by FlawFinder.

src/third_party/boost/boost/iostreams/device/null.hpp
2 issues
read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 32 Column: 21 CWE codes: 120 20 

                        public device_tag,
          public closable_tag
        { };
    std::streamsize read(Ch*, std::streamsize) { return -1; }
    std::streamsize write(const Ch*, std::streamsize n) { return n; }
    std::streampos seek( stream_offset, BOOST_IOS::seekdir,
                         BOOST_IOS::openmode = 
                             BOOST_IOS::in | BOOST_IOS::out ) 
    { return -1; }

Reported by FlawFinder.

read - Check buffer boundaries if used in a loop including recursive loops
Security

Line: 46 Column: 41 CWE codes: 120 20 

              struct basic_null_source : private basic_null_device<Ch, input> {
    typedef Ch          char_type;
    typedef source_tag  category;
    using basic_null_device<Ch, input>::read;
    using basic_null_device<Ch, input>::close;
};

typedef basic_null_source<char>     null_source;
typedef basic_null_source<wchar_t>  wnull_source;

Reported by FlawFinder.

src/third_party/gperftools/dist/src/base/simple_mutex.h
2 issues
InitializeCriticalSection - Exceptions can be thrown in low-memory situations
Security

Line: 220 Column: 3 CWE codes:
Suggestion: Use InitializeCriticalSectionAndSpinCount instead 

              #elif defined(_WIN32) || defined(__CYGWIN__) || defined(__CYGWIN32__)

Mutex::Mutex() : destroy_(true) {
  InitializeCriticalSection(&mutex_);
  SetIsSafe();
}
Mutex::Mutex(LinkerInitialized) : destroy_(false) {
  InitializeCriticalSection(&mutex_);
  SetIsSafe();

Reported by FlawFinder.

InitializeCriticalSection - Exceptions can be thrown in low-memory situations
Security

Line: 224 Column: 3 CWE codes:
Suggestion: Use InitializeCriticalSectionAndSpinCount instead 

                SetIsSafe();
}
Mutex::Mutex(LinkerInitialized) : destroy_(false) {
  InitializeCriticalSection(&mutex_);
  SetIsSafe();
}
Mutex::~Mutex()            { if (destroy_) DeleteCriticalSection(&mutex_); }
void Mutex::Lock()         { if (is_safe_) EnterCriticalSection(&mutex_); }
void Mutex::Unlock()       { if (is_safe_) LeaveCriticalSection(&mutex_); }

Reported by FlawFinder.

src/third_party/boost/boost/iostreams/detail/streambuf/direct_streambuf.hpp
2 issues
open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 59 Column: 10 CWE codes: 362 

                              char_type, traits_type
            )                                             streambuf_type;
public: // stream needs access.
    void open(const T& t, std::streamsize buffer_size, 
              std::streamsize pback_size);
    bool is_open() const;
    void close();
    bool auto_close() const { return auto_close_; }
    void set_auto_close(bool close) { auto_close_ = close; }

Reported by FlawFinder.

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
Security

Line: 114 Column: 31 CWE codes: 362 

              { this->set_true_eof(true); }

template<typename T, typename Tr>
void direct_streambuf<T, Tr>::open
    (const T& t, std::streamsize, std::streamsize)
{
    storage_.reset(t);
    init_input(category());
    init_output(category());

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/jit/shared/CodeGenerator-shared-inl.h
2 issues
access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition
Security

Line: 392 Column: 16 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly 

                      MOZ_CRASH("Unexpected array type");
    }

    HeapAccess access(kind, TypedArrayElemSize(type), ComplexAddress(mem), op);
    masm.verifyHeapAccessDisassembly(begin, end, access);
#endif
}

void

Reported by FlawFinder.

access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition
Security

Line: 393 Column: 50 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly 

                  }

    HeapAccess access(kind, TypedArrayElemSize(type), ComplexAddress(mem), op);
    masm.verifyHeapAccessDisassembly(begin, end, access);
#endif
}

void
CodeGeneratorShared::verifyLoadDisassembly(uint32_t begin, uint32_t end, Scalar::Type type,

Reported by FlawFinder.

src/third_party/boost/libs/log/src/attribute_set_impl.hpp
2 issues
There is an unknown macro here somewhere. Configuration is required. If BOOST_LOG_OPEN_NAMESPACE is a macro then please configure it.
Error

Line: 48 

              
namespace boost {

BOOST_LOG_OPEN_NAMESPACE

//! A simple pooling allocator
template< typename T >
class pool_allocator :
    public std::allocator< T >

Reported by Cppcheck.

There is an unknown macro here somewhere. Configuration is required. If BOOST_LOG_OPEN_NAMESPACE is a macro then please configure it.
Error

Line: 48 

              
namespace boost {

BOOST_LOG_OPEN_NAMESPACE

//! A simple pooling allocator
template< typename T >
class pool_allocator :
    public std::allocator< T >

Reported by Cppcheck.

src/third_party/boost/boost/random/detail/signed_unsigned_tools.hpp
2 issues
random - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 19 Column: 11 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values 

              #include <boost/random/traits.hpp>

namespace boost {
namespace random {
namespace detail {


/*
 * Compute x - y, we know that x >= y, return an unsigned value.

Reported by FlawFinder.

random - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 40 Column: 27 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values 

              template<class T>
struct subtract<T, /* signed */ true>
{
  typedef typename boost::random::traits::make_unsigned_or_unbounded<T>::type result_type;
  result_type operator()(T x, T y)
  {
    if (y >= 0)   // because x >= y, it follows that x >= 0, too
      return result_type(x) - result_type(y);
    if (x >= 0)   // y < 0

Reported by FlawFinder.