The following issues were found
src/mongo/util/stacktrace_libunwind_test.cpp
2 issues
Line: 123
v.remove_suffix(v.size() - pos);
}
TEST(Unwind, Demangled) {
// Trickery with std::vector<std::function> is to hide from the optimizer.
Context ctx{{
callNext<0>,
callNext<1>,
callNext<2>,
Reported by Cppcheck.
Line: 75
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
break;
}
out += "0x{:x}:"_format(pc);
char sym[32 << 10];
char* name = sym;
int err;
if ((err = unw_get_proc_name(&cursor, sym, sizeof(sym), &offset)) != 0) {
out += " -- error: unable to obtain symbol name for this frame: {:d}\n"_format(err);
continue;
Reported by FlawFinder.
src/mongo/db/exec/sbe/stages/sorted_merge.cpp
2 issues
Line: 118
Column: 24
CWE codes:
362
return ctx.getAccessor(slot);
}
void SortedMergeStage::open(bool reOpen) {
++_commonStats.opens;
for (size_t i = 0; i < _children.size(); ++i) {
auto& child = _children[i];
child->open(reOpen);
Reported by FlawFinder.
Line: 123
Column: 16
CWE codes:
362
for (size_t i = 0; i < _children.size(); ++i) {
auto& child = _children[i];
child->open(reOpen);
}
_merger->init();
}
PlanState SortedMergeStage::getNext() {
Reported by FlawFinder.
src/third_party/abseil-cpp-master/abseil-cpp/absl/strings/internal/str_format/output_test.cc
2 issues
Line: 34
EXPECT_EQ(str, "ABCDEF");
}
TEST(InvokeFlush, Stream) {
std::stringstream str;
str << "ABC";
str_format_internal::InvokeFlush(&str, "DEF");
EXPECT_EQ(str.str(), "ABCDEF");
}
Reported by Cppcheck.
Line: 48
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
TEST(BufferRawSink, Limits) {
char buf[16];
{
std::fill(std::begin(buf), std::end(buf), 'x');
str_format_internal::BufferRawSink bufsink(buf, sizeof(buf) - 1);
str_format_internal::InvokeFlush(&bufsink, "Hello World237");
EXPECT_EQ(std::string(buf, sizeof(buf)), "Hello World237xx");
Reported by FlawFinder.
src/third_party/abseil-cpp-master/abseil-cpp/absl/strings/internal/str_format/parser.cc
2 issues
Line: 107
CWE codes:
908
} while (0)
const auto parse_digits = [&] {
int digits = c - '0';
// We do not want to overflow `digits` so we consume at most digits10
// digits. If there are more digits the parsing will fail later on when the
// digit doesn't match the expected characters.
int num_digits = std::numeric_limits<int>::digits10;
for (;;) {
Reported by Cppcheck.
Line: 304
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
size_t AppendText(string_view s) {
memcpy(data_pos, s.data(), s.size());
data_pos += s.size();
return static_cast<size_t>(data_pos - parsed->data_.get());
}
ParsedFormatBase *parsed;
Reported by FlawFinder.
src/third_party/asio-master/asio/include/asio/raw_socket_service.hpp
2 issues
Line: 141
Column: 21
CWE codes:
362
}
// Open a new raw socket implementation.
ASIO_SYNC_OP_VOID open(implementation_type& impl,
const protocol_type& protocol, asio::error_code& ec)
{
if (protocol.type() == ASIO_OS_DEF(SOCK_RAW))
service_impl_.open(impl, protocol, ec);
else
Reported by FlawFinder.
Line: 145
Column: 21
CWE codes:
362
const protocol_type& protocol, asio::error_code& ec)
{
if (protocol.type() == ASIO_OS_DEF(SOCK_RAW))
service_impl_.open(impl, protocol, ec);
else
ec = asio::error::invalid_argument;
ASIO_SYNC_OP_VOID_RETURN(ec);
}
Reported by FlawFinder.
src/mongo/bson/bsonobjbuilder.h
2 issues
Line: 173
Column: 43
CWE codes:
120
20
Derived& appendObject(StringData fieldName, const char* objdata, int size = 0) {
verify(objdata);
if (size == 0) {
size = ConstDataView(objdata).read<LittleEndian<int>>();
}
verify(size > 4 && size < 100000000);
_b.appendNum((char)Object);
Reported by FlawFinder.
Line: 381
Column: 44
CWE codes:
126
}
/** Append a string element */
Derived& append(StringData fieldName, const char* str) {
return append(fieldName, str, (int)strlen(str) + 1);
}
/** Append a string element */
Derived& append(StringData fieldName, StringData str) {
_b.appendNum((char)String);
_b.appendStr(fieldName);
Reported by FlawFinder.
src/third_party/asio-master/asio/include/asio/seq_packet_socket_service.hpp
2 issues
Line: 143
Column: 21
CWE codes:
362
}
/// Open a sequenced packet socket.
ASIO_SYNC_OP_VOID open(implementation_type& impl,
const protocol_type& protocol, asio::error_code& ec)
{
if (protocol.type() == ASIO_OS_DEF(SOCK_SEQPACKET))
service_impl_.open(impl, protocol, ec);
else
Reported by FlawFinder.
Line: 147
Column: 21
CWE codes:
362
const protocol_type& protocol, asio::error_code& ec)
{
if (protocol.type() == ASIO_OS_DEF(SOCK_SEQPACKET))
service_impl_.open(impl, protocol, ec);
else
ec = asio::error::invalid_argument;
ASIO_SYNC_OP_VOID_RETURN(ec);
}
Reported by FlawFinder.
src/mongo/util/decimal_counter.h
2 issues
Line: 108
Column: 14
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
ItoA startItoA(start);
StringData startStr(startItoA);
std::memcpy(_digits, startStr.rawData(), startStr.size());
return startStr.size() - 1;
}
// Add 1, because digit10 is 1 less than the maximum number of digits, and 1 for the final '\0'.
static constexpr size_t kBufSize = std::numeric_limits<T>::digits10 + 2;
Reported by FlawFinder.
Line: 114
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Add 1, because digit10 is 1 less than the maximum number of digits, and 1 for the final '\0'.
static constexpr size_t kBufSize = std::numeric_limits<T>::digits10 + 2;
char _digits[kBufSize] = {'0'}; // Remainder is zero-initialized.
uint8_t _lastDigitIndex; // Indicates the last digit in _digits.
T _counter;
};
} // namespace mongo
Reported by FlawFinder.
src/mongo/db/query/planner_ixselect_test.cpp
2 issues
Line: 125
* Basic test cases for getFields()
* Includes logical operators
*/
TEST(QueryPlannerIXSelectTest, GetFieldsBasic) {
// Arguments to test function: query, prefix, comma-delimited list of expected fields
testGetFields("{}", "", "");
testGetFields("{a: 1}", "", "a");
testGetFields("{a: 1}", "c.", "c.a");
testGetFields("{a: 1, b: 1}", "", "a,b");
Reported by Cppcheck.
Line: 1347
Column: 17
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
return SimpleBSONObjComparator::kInstance.evaluate(a < b);
});
return std::equal(keyPatterns->begin(),
keyPatterns->end(),
entries->begin(),
[](const BSONObj& keyPattern, const IndexEntry& ie) -> bool {
return SimpleBSONObjComparator::kInstance.evaluate(keyPattern ==
ie.keyPattern);
Reported by FlawFinder.
src/mongo/db/index/hash_key_generator_test.cpp
2 issues
Line: 96
SharedBufferFragmentBuilder allocator{KeyString::HeapBuilder::kHeapAllocatorDefaultBytes};
};
TEST_F(HashKeyGeneratorTest, CollationAppliedBeforeHashing) {
BSONObj obj = fromjson("{a: 'string'}");
KeyStringSet actualKeys;
CollatorInterfaceMock collator(CollatorInterfaceMock::MockType::kReverseString);
BSONObj indexSpec = fromjson("{a: 'hashed'}");
ExpressionKeysPrivate::getHashKeys(allocator,
Reported by Cppcheck.
Line: 74
Column: 15
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
return false;
}
if (!std::equal(expectedKeys.begin(), expectedKeys.end(), actualKeys.begin())) {
LOGV2(20679,
"Expected: {dumpKeyset_expectedKeys}, Actual: {dumpKeyset_actualKeys}",
"dumpKeyset_expectedKeys"_attr = dumpKeyset(expectedKeys),
"dumpKeyset_actualKeys"_attr = dumpKeyset(actualKeys));
return false;
Reported by FlawFinder.