The following issues were found
src/mongo/base/data_type.h
2 issues
Line: 70
Column: 22
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#endif
if (t) {
std::memcpy(t, ptr, sizeof(T));
}
if (advanced) {
*advanced = sizeof(T);
}
Reported by FlawFinder.
Line: 98
Column: 22
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#endif
if (ptr) {
std::memcpy(ptr, &t, sizeof(T));
}
if (advanced) {
*advanced = sizeof(T);
}
Reported by FlawFinder.
src/mongo/util/shared_buffer.h
2 issues
Line: 89
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void reallocOrCopy(size_t size) {
if (isShared()) {
auto tmp = SharedBuffer::allocate(size);
memcpy(tmp._holder->data(),
_holder->data(),
std::min(size, static_cast<size_t>(_holder->_capacity)));
swap(tmp);
} else if (_holder) {
realloc(size);
Reported by FlawFinder.
Line: 302
Column: 45
CWE codes:
120
20
}
size_t capacity() const {
return _data ? ConstDataView(_data).read<uint32_t>() : 0;
}
/**
* Releases the buffer to the caller. The caller may not free the buffer themselves,
* and must eventually turn it back into a UniqueBuffer using the reclaim() method.
Reported by FlawFinder.
src/third_party/abseil-cpp-master/abseil-cpp/absl/strings/numbers_benchmark.cc
2 issues
Line: 32
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
template <typename T>
void BM_FastIntToBuffer(benchmark::State& state) {
const int inc = state.range(0);
char buf[absl::numbers_internal::kFastToBufferSize];
// Use the unsigned type to increment to take advantage of well-defined
// modular arithmetic.
typename std::make_unsigned<T>::type x = 0;
for (auto _ : state) {
absl::numbers_internal::FastIntToBuffer(static_cast<T>(x), buf);
Reported by FlawFinder.
Line: 275
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
num = absl::LogUniform(rng, min, max);
}
char buf[16];
while (state.KeepRunningBatch(nums.size())) {
for (auto num : nums) {
auto digits = absl::numbers_internal::FastHexToBufferZeroPad16(num, buf);
benchmark::DoNotOptimize(digits);
benchmark::DoNotOptimize(buf);
Reported by FlawFinder.
src/third_party/asio-master/asio/include/asio/serial_port_service.hpp
2 issues
Line: 112
Column: 21
CWE codes:
362
}
/// Open a serial port.
ASIO_SYNC_OP_VOID open(implementation_type& impl,
const std::string& device, asio::error_code& ec)
{
service_impl_.open(impl, device, ec);
ASIO_SYNC_OP_VOID_RETURN(ec);
}
Reported by FlawFinder.
Line: 115
Column: 19
CWE codes:
362
ASIO_SYNC_OP_VOID open(implementation_type& impl,
const std::string& device, asio::error_code& ec)
{
service_impl_.open(impl, device, ec);
ASIO_SYNC_OP_VOID_RETURN(ec);
}
/// Assign an existing native handle to a serial port.
ASIO_SYNC_OP_VOID assign(implementation_type& impl,
Reported by FlawFinder.
src/mongo/base/data_range.h
2 issues
Line: 284
Column: 18
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
if (ptr) {
std::memcpy(ptr, t.data(), t.length());
}
if (advanced) {
*advanced = t.length();
}
Reported by FlawFinder.
Line: 161
Column: 7
CWE codes:
120
20
}
template <typename T>
T read(std::size_t offset = 0) const {
return uassertStatusOK(readNoThrow<T>(offset));
}
friend bool operator==(const ConstDataRange& lhs, const ConstDataRange& rhs) {
return std::tie(lhs._begin, lhs._end) == std::tie(rhs._begin, rhs._end);
Reported by FlawFinder.
src/third_party/asio-master/asio/include/asio/socket_acceptor_service.hpp
2 issues
Line: 140
Column: 21
CWE codes:
362
}
/// Open a new socket acceptor implementation.
ASIO_SYNC_OP_VOID open(implementation_type& impl,
const protocol_type& protocol, asio::error_code& ec)
{
service_impl_.open(impl, protocol, ec);
ASIO_SYNC_OP_VOID_RETURN(ec);
}
Reported by FlawFinder.
Line: 143
Column: 19
CWE codes:
362
ASIO_SYNC_OP_VOID open(implementation_type& impl,
const protocol_type& protocol, asio::error_code& ec)
{
service_impl_.open(impl, protocol, ec);
ASIO_SYNC_OP_VOID_RETURN(ec);
}
/// Assign an existing native acceptor to a socket acceptor.
ASIO_SYNC_OP_VOID assign(implementation_type& impl,
Reported by FlawFinder.
src/mongo/db/concurrency/lock_manager_defs.h
2 issues
Line: 259
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
static uint64_t hashStringData(StringData str) {
char hash[16];
MurmurHash3_x64_128(str.rawData(), str.size(), 0, hash);
return static_cast<size_t>(ConstDataView(hash).read<LittleEndian<std::uint64_t>>());
}
};
Reported by FlawFinder.
Line: 261
Column: 56
CWE codes:
120
20
static uint64_t hashStringData(StringData str) {
char hash[16];
MurmurHash3_x64_128(str.rawData(), str.size(), 0, hash);
return static_cast<size_t>(ConstDataView(hash).read<LittleEndian<std::uint64_t>>());
}
};
#ifndef MONGO_CONFIG_DEBUG_BUILD
// Treat the resource ids as 64-bit integers in release mode in order to ensure we do
Reported by FlawFinder.
src/mongo/db/repl/oplog.cpp
2 issues
Line: 165
CWE codes:
587
"dataSize"_attr = dataSize,
"catalogEntry"_attr = redact(catalogEntry),
"storageMetadata"_attr = redact(storageMetadata),
"isDryRun"_attr = isDryRun);
}
StringData getInvalidatingReason(const OplogApplication::Mode mode, const bool isDataConsistent) {
if (mode == OplogApplication::Mode::kInitialSync) {
return "initial sync"_sd;
Reported by Cppcheck.
Line: 1969
CWE codes:
758
void initTimestampFromOplog(OperationContext* opCtx, const NamespaceString& oplogNss) {
DBDirectClient c(opCtx);
static const BSONObj reverseNaturalObj = BSON("$natural" << -1);
BSONObj lastOp =
c.findOne(oplogNss.ns(), Query().sort(reverseNaturalObj), nullptr, QueryOption_SecondaryOk);
if (!lastOp.isEmpty()) {
LOGV2_DEBUG(21256, 1, "replSet setting last Timestamp");
Reported by Cppcheck.
src/mongo/base/data_builder_test.cpp
2 issues
Line: 50
} // namespace
TEST(DataBuilder, Basic) {
DataBuilder db(1);
ASSERT_EQUALS(true, db.writeAndAdvance<uint16_t>(1).isOK());
ASSERT_EQUALS(true, db.writeAndAdvance<LittleEndian<uint32_t>>(2).isOK());
ASSERT_EQUALS(true, db.writeAndAdvance<BigEndian<uint64_t>>(3).isOK());
Reported by Cppcheck.
Line: 45
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
template <std::size_t bytes>
struct NByteStruct {
NByteStruct() = default;
char buf[bytes] = {};
};
} // namespace
TEST(DataBuilder, Basic) {
Reported by FlawFinder.
src/third_party/abseil-cpp-master/abseil-cpp/absl/strings/str_join_test.cc
2 issues
Line: 174
}
}
TEST(StrJoin, CustomFormatter) {
std::vector<std::string> v{"One", "Two", "Three"};
{
std::string joined =
absl::StrJoin(v, "", [](std::string* out, const std::string& in) {
absl::StrAppend(out, "(", in, ")");
Reported by Cppcheck.
Line: 442
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
absl::StrJoin(std::make_tuple(x, std::cref(y), z), "-"));
struct TestFormatter {
char buffer[128];
void operator()(std::string* out, int v) {
snprintf(buffer, sizeof(buffer), "%#.8x", v);
out->append(buffer);
}
void operator()(std::string* out, double v) {
Reported by FlawFinder.