The following issues were found

src/third_party/icu4c-57.1/source/i18n/zrule.cpp
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 45 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  UnicodeString s(nameLength==-1, name, nameLength);
    s = ((TimeZoneRule*)rule)->TimeZoneRule::getName(s);
    nameLength = s.length();
    memcpy(name, s.getBuffer(), nameLength);
    return;
}

U_CAPI int32_t U_EXPORT2
zrule_getRawOffset(ZRule* rule) {

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 96 Column: 5 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  ((InitialTimeZoneRule*)rule)->InitialTimeZoneRule::getName(s);
    nameLength = s.length();
    name = (UChar*)uprv_malloc(nameLength);
    memcpy(name, s.getBuffer(), nameLength);
    return;
}

U_CAPI int32_t U_EXPORT2
izrule_getRawOffset(IZRule* rule) {

Reported by FlawFinder.

src/third_party/boost/boost/type_traits/aligned_storage.hpp
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 45 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              {
    union data_t
    {
        char buf[size_];

        typename ::boost::type_with_alignment<alignment_>::type align_;
    } data_;
    void* address() const { return const_cast<aligned_storage_imp*>(this); }
};

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 56 Column: 7 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              {
   union data_t
   {
      char buf[size];
      ::boost::detail::max_align align_;
   } data_;
   void* address() const { return const_cast<aligned_storage_imp*>(this); }
};

Reported by FlawFinder.

src/third_party/gperftools/dist/src/tests/tcmalloc_large_unittest.cc
2 issues
Invalid malloc() argument nr 1. The value is -1 but the valid values are '0:'.
Error

Line: 53 CWE codes: 628 

              // Alloc a size that should always fail.

void TryAllocExpectFail(size_t size) {
  void* p1 = noopt(malloc(size));
  CHECK(p1 == NULL);

  void* p2 = noopt(malloc(1));
  CHECK(p2 != NULL);

Reported by Cppcheck.

Invalid realloc() argument nr 2. The value is -1 but the valid values are '0:'.
Error

Line: 59 CWE codes: 628 

                void* p2 = noopt(malloc(1));
  CHECK(p2 != NULL);

  void* p3 = noopt(realloc(p2, size));
  CHECK(p3 == NULL);

  free(p2);
}

Reported by Cppcheck.

src/third_party/kms-message/src/kms_azure_request.c
2 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 83 Column: 51 CWE codes: 126 

                    goto done;
   }

   if (!kms_request_append_payload (req, payload, strlen (payload))) {
      goto done;
   }

done:
   kms_request_free_string (path_and_query);

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 158 Column: 51 CWE codes: 126 

                    goto done;
   }

   if (!kms_request_append_payload (req, payload, strlen (payload))) {
      goto done;
   }

done:
   kms_request_free_string (path_and_query);

Reported by FlawFinder.

src/third_party/murmurhash3/MurmurHash3.cpp
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 92 Column: 10 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              FORCE_INLINE T getblock( const void* p, int i )
{
    T t;
    std::memcpy(&t, static_cast<const char*>(p) + i * sizeof(T), sizeof(T));
    return nativeToLittle(t);
}

FORCE_INLINE uint32_t getblock32( const void* p, int i )
{

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 111 Column: 10 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              FORCE_INLINE void putblock( void* p, int i, T t )
{
    t = nativeToLittle(t);
    std::memcpy(static_cast<char*>(p) + i * sizeof(T), &t, sizeof(T));
}

//-----------------------------------------------------------------------------
// Finalization mix - force all bits of a hash block to avalanche

Reported by FlawFinder.

src/third_party/boost/boost/core/checked_delete.hpp
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 34 Column: 13 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              template<class T> inline void checked_delete(T * x) BOOST_NOEXCEPT
{
    // intentionally complex - simplification causes regressions
    typedef char type_must_be_complete[ sizeof(T)? 1: -1 ];
    (void) sizeof(type_must_be_complete);
    delete x;
}

template<class T> inline void checked_array_delete(T * x) BOOST_NOEXCEPT

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 41 Column: 13 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
template<class T> inline void checked_array_delete(T * x) BOOST_NOEXCEPT
{
    typedef char type_must_be_complete[ sizeof(T)? 1: -1 ];
    (void) sizeof(type_must_be_complete);
    delete [] x;
}

template<class T> struct checked_deleter

Reported by FlawFinder.

src/third_party/boost/boost/asio/detail/win_iocp_socket_accept_op.hpp
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 161 Column: 12 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                Socket& peer_;
  Protocol protocol_;
  typename Protocol::endpoint* peer_endpoint_;
  unsigned char output_buffer_[(sizeof(sockaddr_storage_type) + 16) * 2];
  bool enable_connection_aborted_;
  Handler handler_;
  handler_work<Handler, IoExecutor> work_;
};

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 298 Column: 12 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                peer_socket_type peer_;
  Protocol protocol_;
  typename Protocol::endpoint* peer_endpoint_;
  unsigned char output_buffer_[(sizeof(sockaddr_storage_type) + 16) * 2];
  bool enable_connection_aborted_;
  Handler handler_;
  handler_work<Handler, IoExecutor> work_;
};

Reported by FlawFinder.

src/third_party/pcre-8.42/pcre_scanner_unittest.cc
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 133 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              static void TestBigComment() {
  string input;
  for (int i = 0; i < 1024; ++i) {
    char buf[1024];  // definitely big enough
    sprintf(buf, "    # Comment %d\n", i);
    input += buf;
  }
  input += "name = value;\n";

Reported by FlawFinder.

sprintf - Does not check for buffer overflows
Security

Line: 134 Column: 5 CWE codes: 120
Suggestion: Use sprintf_s, snprintf, or vsnprintf 

                string input;
  for (int i = 0; i < 1024; ++i) {
    char buf[1024];  // definitely big enough
    sprintf(buf, "    # Comment %d\n", i);
    input += buf;
  }
  input += "name = value;\n";

  Scanner s(input.c_str());

Reported by FlawFinder.

src/third_party/kms-message/src/kms_message_private.h
2 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 28 Column: 4 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              #include "kms_crypto.h"

struct _kms_request_t {
   char error[512];
   bool failed;
   bool finalized;
   /* Begin: AWS specific */
   kms_request_str_t *region;
   kms_request_str_t *service;

Reported by FlawFinder.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 67 Column: 4 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              } kms_response_parser_state_t;

struct _kms_response_parser_t {
   char error[512];
   bool failed;
   kms_response_t *response;
   kms_request_str_t *raw_response;
   int content_length;
   int start; /* start of the current thing getting parsed. */

Reported by FlawFinder.

src/third_party/boost/boost/container/vector.hpp
2 issues
equal - Function does not check the second iterator for over-read conditions
Security

Line: 308 Column: 87 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it 

                    (void)propagate_allocator; (void)p; (void)to_alloc; (void)from_alloc;
      const bool all_storage_propagable = !allocator_traits_type::is_partially_propagable::value ||
                                          !allocator_traits_type::storage_is_unpropagable(from_alloc, p);
      return all_storage_propagable && (propagate_allocator || allocator_traits_type::equal(from_alloc, to_alloc));
   }

   BOOST_CONTAINER_FORCEINLINE
      static bool are_swap_propagable(const allocator_type &l_a, pointer l_p, const allocator_type &r_a, pointer r_p, bool const propagate_allocator)
   {

Reported by FlawFinder.

equal - Function does not check the second iterator for over-read conditions
Security

Line: 317 Column: 87 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it 

                    (void)propagate_allocator; (void)l_p; (void)r_p; (void)l_a; (void)r_a;
      const bool all_storage_propagable = !allocator_traits_type::is_partially_propagable::value || 
              !(allocator_traits_type::storage_is_unpropagable(l_a, l_p) || allocator_traits_type::storage_is_unpropagable(r_a, r_p));
      return all_storage_propagable && (propagate_allocator || allocator_traits_type::equal(l_a, r_a));
   }

   //Constructor, does not throw
   vector_alloc_holder()
      BOOST_NOEXCEPT_IF(dtl::is_nothrow_default_constructible<allocator_type>::value)

Reported by FlawFinder.