The following issues were found

src/third_party/benchmark/dist/src/string_util.cc
2 issues
vsnprintf - If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate
Security

Line: 139 Column: 14 CWE codes: 134
Suggestion: Use a constant for the format specification 

                std::size_t size = local_buff.size();
  // 2015-10-08: vsnprintf is used instead of snd::vsnprintf due to a limitation
  // in the android-ndk
  auto ret = vsnprintf(local_buff.data(), size, msg, args_cp);

  va_end(args_cp);

  // handle empty expansion
  if (ret == 0) return std::string{};

Reported by FlawFinder.

vsnprintf - If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate
Security

Line: 154 Column: 9 CWE codes: 134
Suggestion: Use a constant for the format specification 

                auto buff_ptr = std::unique_ptr<char[]>(new char[size]);
  // 2015-10-08: vsnprintf is used instead of snd::vsnprintf due to a limitation
  // in the android-ndk
  ret = vsnprintf(buff_ptr.get(), size, msg, args);
  return std::string(buff_ptr.get());
}

std::string StrFormat(const char* format, ...) {
  va_list args;

Reported by FlawFinder.

src/third_party/abseil-cpp-master/abseil-cpp/absl/time/format.cc
2 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 114 Column: 28 CWE codes: 126 

                  absl::Time value;
  };
  static Literal literals[] = {
      {kInfiniteFutureStr, strlen(kInfiniteFutureStr), InfiniteFuture()},
      {kInfinitePastStr, strlen(kInfinitePastStr), InfinitePast()},
  };
  strip_leading_space(&input);
  for (const auto& lit : literals) {
    if (absl::StartsWith(input, absl::string_view(lit.name, lit.size))) {

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 115 Column: 26 CWE codes: 126 

                };
  static Literal literals[] = {
      {kInfiniteFutureStr, strlen(kInfiniteFutureStr), InfiniteFuture()},
      {kInfinitePastStr, strlen(kInfinitePastStr), InfinitePast()},
  };
  strip_leading_space(&input);
  for (const auto& lit : literals) {
    if (absl::StartsWith(input, absl::string_view(lit.name, lit.size))) {
      absl::string_view tail = input;

Reported by FlawFinder.

src/mongo/db/pipeline/sharded_agg_helpers.cpp
2 issues
Boolean value assigned to pointer.
Error

Line: 983 CWE codes: 587 

                                  "Splitting pipeline: targeting = {shardIds_size} shards, needsMongosMerge = "
                    "{needsMongosMerge}, needsPrimaryShardMerge = {needsPrimaryShardMerge}",
                    "shardIds_size"_attr = shardIds.size(),
                    "needsMongosMerge"_attr = needsMongosMerge,
                    "needsPrimaryShardMerge"_attr = needsPrimaryShardMerge);
        splitPipelines = splitPipeline(std::move(pipeline));

        exchangeSpec = checkIfEligibleForExchange(opCtx, splitPipelines->mergePipeline.get());
    }

Reported by Cppcheck.

Boolean value assigned to pointer.
Error

Line: 984 CWE codes: 587 

                                  "{needsMongosMerge}, needsPrimaryShardMerge = {needsPrimaryShardMerge}",
                    "shardIds_size"_attr = shardIds.size(),
                    "needsMongosMerge"_attr = needsMongosMerge,
                    "needsPrimaryShardMerge"_attr = needsPrimaryShardMerge);
        splitPipelines = splitPipeline(std::move(pipeline));

        exchangeSpec = checkIfEligibleForExchange(opCtx, splitPipelines->mergePipeline.get());
    }

Reported by Cppcheck.

src/third_party/benchmark/dist/src/string_util.h
2 issues
printf - If format strings can be influenced by an attacker, they can be exploited
Security

Line: 18 Column: 23 CWE codes: 134
Suggestion: Use a constant for the format specification 

              #if defined(__MINGW32__)
__attribute__((format(__MINGW_PRINTF_FORMAT, 1, 2)))
#elif defined(__GNUC__)
__attribute__((format(printf, 1, 2)))
#endif
std::string
StrFormat(const char* format, ...);

inline std::ostream& StrCatImp(std::ostream& out) BENCHMARK_NOEXCEPT {

Reported by FlawFinder.

StrCat - Does not check for buffer overflows when concatenating to destination [MS-banned]
Security

Line: 34 Column: 20 CWE codes: 120 

              }

template <class... Args>
inline std::string StrCat(Args&&... args) {
  std::ostringstream ss;
  StrCatImp(ss, std::forward<Args>(args)...);
  return ss.str();
}

Reported by FlawFinder.

src/mongo/base/string_data.h
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 250 Column: 9 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              
inline void StringData::copyTo(char* dest, bool includeEndingNull) const {
    if (_data)
        memcpy(dest, _data, size());
    if (includeEndingNull)
        dest[size()] = 0;
}

inline size_t StringData::find(char c, size_t fromPos) const {

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 83 Column: 62 CWE codes: 126 

                   * string is not known. 'c' must either be NULL, or a pointer to a
     * null-terminated string.
     */
    StringData(const char* str) : StringData(str, str ? std::strlen(str) : 0) {}

    /**
     * Constructs a StringData, for the case of a std::string. We can
     * use the trusted init path with no follow on checks because
     * string::data is assured to never return nullptr.

Reported by FlawFinder.

src/mongo/db/exec/document_value/value.h
2 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 515 Column: 35 CWE codes: 126 

              inline const char* Value::getRegexFlags() const {
    verify(getType() == RegEx);
    const char* pattern = _storage.getString().rawData();  // this is known to be NUL terminated
    const char* flags = pattern + strlen(pattern) + 1;     // first byte after pattern's NUL
    dassert(flags + strlen(flags) == pattern + _storage.getString().size());
    return flags;
}

inline std::string Value::getSymbol() const {

Reported by FlawFinder.

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 516 Column: 21 CWE codes: 126 

                  verify(getType() == RegEx);
    const char* pattern = _storage.getString().rawData();  // this is known to be NUL terminated
    const char* flags = pattern + strlen(pattern) + 1;     // first byte after pattern's NUL
    dassert(flags + strlen(flags) == pattern + _storage.getString().size());
    return flags;
}

inline std::string Value::getSymbol() const {
    verify(getType() == Symbol);

Reported by FlawFinder.

src/mongo/embedded/mongo_embedded/java/src/com/mongodb/embedded/capi/internal/logging/JULLogger.java
2 issues
This class has too many methods, consider refactoring it.
Design

Line: 41 

              import static java.util.logging.Level.SEVERE;
import static java.util.logging.Level.WARNING;

class JULLogger implements Logger {

    private final java.util.logging.Logger delegate;

    JULLogger(final String name) {
        this.delegate = java.util.logging.Logger.getLogger(name);

Reported by PMD.

Found non-transient, non-static member. Please mark as transient or provide accessors.
Error

Line: 43 

              
class JULLogger implements Logger {

    private final java.util.logging.Logger delegate;

    JULLogger(final String name) {
        this.delegate = java.util.logging.Logger.getLogger(name);
    }

Reported by PMD.

src/third_party/abseil-cpp-master/abseil-cpp/absl/base/bit_cast_test.cc
2 issues
syntax error
Error

Line: 63 

                }
}

TEST(BitCast, Bool) {
  static const bool bool_list[] = { false, true };
  TestMarshall<bool>(bool_list, ABSL_ARRAYSIZE(bool_list));
}

TEST(BitCast, Int32) {

Reported by Cppcheck.

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 29 Column: 19 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              namespace {

template <int N>
struct marshall { char buf[N]; };

template <typename T>
void TestMarshall(const T values[], int num_values) {
  for (int i = 0; i < num_values; ++i) {
    T t0 = values[i];

Reported by FlawFinder.

src/third_party/abseil-cpp-master/abseil-cpp/absl/algorithm/container.h
2 issues
equal - Function does not check the second iterator for over-read conditions
Security

Line: 405 Column: 16 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it 

              bool c_equal(const C1& c1, const C2& c2) {
  return ((container_algorithm_internal::c_size(c1) ==
           container_algorithm_internal::c_size(c2)) &&
          std::equal(container_algorithm_internal::c_begin(c1),
                     container_algorithm_internal::c_end(c1),
                     container_algorithm_internal::c_begin(c2)));
}

// Overload of c_equal() for using a predicate evaluation other than `==` as

Reported by FlawFinder.

is_permutation - Function does not check the second iterator for over-read conditions
Security

Line: 431 Column: 15 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it 

                using std::begin;
  using std::end;
  return c1.size() == c2.size() &&
         std::is_permutation(begin(c1), end(c1), begin(c2));
}

// Overload of c_is_permutation() for using a predicate evaluation other than
// `==` as the function's test condition.
template <typename C1, typename C2, typename BinaryPredicate>

Reported by FlawFinder.

src/mongo/platform/atomic_proxy.h
2 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 75 Column: 14 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

                  T load(std::memory_order order = std::memory_order_seq_cst) const {
        const BaseWordT tempInteger = _value.load(order);
        T value;
        std::memcpy(&value, &tempInteger, sizeof(T));
        return value;
    }

    void store(const T value, std::memory_order order = std::memory_order_seq_cst) {
        BaseWordT tempInteger;

Reported by FlawFinder.

memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 81 Column: 14 CWE codes: 120
Suggestion: Make sure destination can always hold the source data 

              
    void store(const T value, std::memory_order order = std::memory_order_seq_cst) {
        BaseWordT tempInteger;
        std::memcpy(&tempInteger, &value, sizeof(T));
        _value.store(tempInteger, order);
    }

private:
    std::atomic<BaseWordT> _value;  // NOLINT

Reported by FlawFinder.