The following issues were found
src/third_party/mozjs-60/extract/js/src/jit/x64/Assembler-x64.cpp
2 issues
Line: 271
Column: 10
CWE codes:
120
20
tableStart_ = reader_.readFixedUint32_t();
}
bool read() {
if (!reader_.more())
return false;
offset_ = reader_.readUnsigned();
extOffset_ = reader_.readUnsigned();
return true;
Reported by FlawFinder.
Line: 306
Column: 17
CWE codes:
120
20
Assembler::TraceJumpRelocations(JSTracer* trc, JitCode* code, CompactBufferReader& reader)
{
RelocationIterator iter(reader);
while (iter.read()) {
JitCode* child = CodeFromJump(code, code->raw() + iter.offset());
TraceManuallyBarrieredEdge(trc, &child, "rel32");
MOZ_ASSERT(child == CodeFromJump(code, code->raw() + iter.offset()));
}
}
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/i18n/anytrans.cpp
2 issues
Line: 177
//------------------------------------------------------------
// AnyTransliterator
UOBJECT_DEFINE_RTTI_IMPLEMENTATION(AnyTransliterator)
AnyTransliterator::AnyTransliterator(const UnicodeString& id,
const UnicodeString& theTarget,
const UnicodeString& theVariant,
UScriptCode theTargetScript,
Reported by Cppcheck.
Line: 330
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
* Return the script code for a given name, or -1 if not found.
*/
static UScriptCode scriptNameToCode(const UnicodeString& name) {
char buf[128];
UScriptCode code;
UErrorCode ec = U_ZERO_ERROR;
int32_t nameLen = name.length();
UBool isInvariant = uprv_isInvariantUString(name.getBuffer(), nameLen);
Reported by FlawFinder.
src/third_party/gperftools/dist/src/base/vdso_support.cc
2 issues
Line: 85
Column: 14
CWE codes:
362
vdso_base_ = NULL;
return NULL;
}
int fd = open("/proc/self/auxv", O_RDONLY);
if (fd == -1) {
// Kernel too old to have a VDSO.
vdso_base_ = NULL;
return NULL;
}
Reported by FlawFinder.
Line: 92
Column: 12
CWE codes:
120
20
return NULL;
}
ElfW(auxv_t) aux;
while (read(fd, &aux, sizeof(aux)) == sizeof(aux)) {
if (aux.a_type == AT_SYSINFO_EHDR) {
COMPILE_ASSERT(sizeof(vdso_base_) == sizeof(aux.a_un.a_val),
unexpected_sizeof_pointer_NE_sizeof_a_val);
vdso_base_ = reinterpret_cast<void *>(aux.a_un.a_val);
break;
Reported by FlawFinder.
src/third_party/boost/boost/iostreams/detail/config/rtl.hpp
2 issues
Line: 33
Column: 55
CWE codes:
362
#else
# define BOOST_IOSTREAMS_RTL(x) ::x // Distinguish from member function named x
#endif
#define BOOST_IOSTREAMS_FD_OPEN BOOST_IOSTREAMS_RTL(open)
#define BOOST_IOSTREAMS_FD_CLOSE BOOST_IOSTREAMS_RTL(close)
#define BOOST_IOSTREAMS_FD_READ BOOST_IOSTREAMS_RTL(read)
#define BOOST_IOSTREAMS_FD_WRITE BOOST_IOSTREAMS_RTL(write)
// Handle lseek, off_t, ftruncate, and stat
Reported by FlawFinder.
Line: 35
Column: 55
CWE codes:
120
20
#endif
#define BOOST_IOSTREAMS_FD_OPEN BOOST_IOSTREAMS_RTL(open)
#define BOOST_IOSTREAMS_FD_CLOSE BOOST_IOSTREAMS_RTL(close)
#define BOOST_IOSTREAMS_FD_READ BOOST_IOSTREAMS_RTL(read)
#define BOOST_IOSTREAMS_FD_WRITE BOOST_IOSTREAMS_RTL(write)
// Handle lseek, off_t, ftruncate, and stat
#ifdef BOOST_IOSTREAMS_WINDOWS
# if defined(BOOST_MSVC) || defined(__MSVCRT__) // MSVC, MinGW
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/jit/x86-shared/Assembler-x86-shared.cpp
2 issues
Line: 32
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
AssemblerX86Shared::copyJumpRelocationTable(uint8_t* dest)
{
if (jumpRelocations_.length())
memcpy(dest, jumpRelocations_.buffer(), jumpRelocations_.length());
}
void
AssemblerX86Shared::copyDataRelocationTable(uint8_t* dest)
{
Reported by FlawFinder.
Line: 39
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
AssemblerX86Shared::copyDataRelocationTable(uint8_t* dest)
{
if (dataRelocations_.length())
memcpy(dest, dataRelocations_.buffer(), dataRelocations_.length());
}
static void
TraceDataRelocations(JSTracer* trc, CompactBufferReader& reader,
uint8_t* buffer, size_t bufferSize)
Reported by FlawFinder.
src/third_party/boost/libs/log/src/core.cpp
2 issues
Line: 168
//! Returns the flag indicating whether it is needed to detach the record from the current thread
bool is_detach_from_thread_needed() const BOOST_NOEXCEPT { return m_detach_from_thread_needed; }
BOOST_DELETED_FUNCTION(private_data(private_data const&))
BOOST_DELETED_FUNCTION(private_data& operator= (private_data const&))
private:
//! Returns a pointer to the first accepting sink
sink_ptr* begin() BOOST_NOEXCEPT
Reported by Cppcheck.
Line: 245
Column: 9
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
attribute_set m_thread_attributes;
#endif
//! Random number generator for shuffling
random::taus88 m_rng;
thread_data() : m_rng(get_random_seed())
{
}
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/i18n/chnsecal.cpp
2 issues
Line: 43
CWE codes:
664
va_start(ap, pat);
vfprintf(stderr, pat, ap);
fflush(stderr);
}
// must use double parens, i.e.: U_DEBUG_CHNSECAL_MSG(("four is: %d",4));
#define U_DEBUG_CHNSECAL_MSG(x) {debug_chnsecal_loc(__FILE__,__LINE__);debug_chnsecal_msg x;}
#else
#define U_DEBUG_CHNSECAL_MSG(x)
#endif
Reported by Cppcheck.
Line: 41
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
{
va_list ap;
va_start(ap, pat);
vfprintf(stderr, pat, ap);
fflush(stderr);
}
// must use double parens, i.e.: U_DEBUG_CHNSECAL_MSG(("four is: %d",4));
#define U_DEBUG_CHNSECAL_MSG(x) {debug_chnsecal_loc(__FILE__,__LINE__);debug_chnsecal_msg x;}
#else
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/i18n/choicfmt.cpp
2 issues
Line: 172
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
UnicodeString& string)
{
/* Buffer to contain the digits and any extra formatting stuff. */
char temp[DBL_DIG + 16];
char *itrPtr = temp;
char *expPtr;
sprintf(temp, "%.*g", DBL_DIG, value);
Reported by FlawFinder.
Line: 176
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
char *itrPtr = temp;
char *expPtr;
sprintf(temp, "%.*g", DBL_DIG, value);
/* Find and convert the decimal point.
Using setlocale on some machines will cause sprintf to use a comma for certain locales.
*/
while (*itrPtr && (*itrPtr == '-' || isdigit(*itrPtr))) {
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/jit/x86/Assembler-x86.cpp
2 issues
Line: 95
Column: 17
CWE codes:
120
20
Assembler::TraceJumpRelocations(JSTracer* trc, JitCode* code, CompactBufferReader& reader)
{
RelocationIterator iter(reader);
while (iter.read()) {
JitCode* child = CodeFromJump(code->raw() + iter.offset());
TraceManuallyBarrieredEdge(trc, &child, "rel32");
MOZ_ASSERT(child == CodeFromJump(code->raw() + iter.offset()));
}
}
Reported by FlawFinder.
src/third_party/gperftools/dist/src/emergency_malloc.cc
2 issues
Line: 71
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
static union {
char bytes[sizeof(EmergencyArenaPagesAllocator)];
void *ptr;
} pages_allocator_place;
static void InitEmergencyMalloc(void) {
const int32 flags = LowLevelAlloc::kAsyncSignalSafe;
Reported by FlawFinder.
Line: 153
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
errno = ENOMEM;
return NULL;
}
memcpy(new_ptr, old_ptr, copy_size);
LowLevelAlloc::Free(old_ptr);
return new_ptr;
}
Reported by FlawFinder.