The following issues were found
src/third_party/wiredtiger/test/3rdparty/testscenarios-0.4/setup.py
2 issues
Line: 1
Column: 1
#!/usr/bin/env python
from setuptools import setup
import os.path
description = open(os.path.join(os.path.dirname(__file__), 'README'), 'rt').read()
setup(name="testscenarios",
version="0.4",
Reported by Pylint.
Line: 4
Column: 1
#!/usr/bin/env python
from setuptools import setup
import os.path
description = open(os.path.join(os.path.dirname(__file__), 'README'), 'rt').read()
setup(name="testscenarios",
version="0.4",
Reported by Pylint.
src/third_party/wiredtiger/test/3rdparty/testtools-0.9.34/testtools/content_type.py
2 issues
Line: 6
Column: 1
"""ContentType - a MIME Content Type."""
class ContentType(object):
"""A content type from http://www.iana.org/assignments/media-types/
:ivar type: The primary type, e.g. "text" or "application"
:ivar subtype: The subtype, e.g. "plain" or "octet-stream"
:ivar parameters: A dict of additional parameters specific to the
Reported by Pylint.
Line: 25
Column: 12
self.parameters = parameters or {}
def __eq__(self, other):
if type(other) != ContentType:
return False
return self.__dict__ == other.__dict__
def __repr__(self):
if self.parameters:
Reported by Pylint.
src/third_party/unwind/dist/src/arm/Gglobal.c
2 issues
Line: 48
Column: 23
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
goto out;
/* read ARM unwind method setting */
const char* str = getenv ("UNW_ARM_UNWIND_METHOD");
if (str)
{
unwi_unwind_method = atoi (str);
}
Reported by FlawFinder.
Line: 51
Column: 30
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
const char* str = getenv ("UNW_ARM_UNWIND_METHOD");
if (str)
{
unwi_unwind_method = atoi (str);
}
mi_init ();
dwarf_init ();
Reported by FlawFinder.
src/third_party/unwind/dist/include/tdep-ia64/libunwind_i.h
2 issues
Line: 193
Column: 20
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* Table of registers that prologues can save (and order in which
they're saved). */
const unsigned char save_order[8];
/*
* uc_addr() may return pointers to these variables. We need to
* make sure they don't get written via ia64_put() or
* ia64_putfp(). To make it possible to test for these variables
Reported by FlawFinder.
Line: 215
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct mempool labeled_state_pool;
# if UNW_DEBUG
const char *preg_name[IA64_NUM_PREGS];
# endif
};
#define tdep_getcontext_trace unw_getcontext
#define tdep_init_done unw.init_done
Reported by FlawFinder.
src/third_party/tomcrypt-1.18.2/src/headers/tomcrypt_macros.h
2 issues
Line: 441
Column: 18
CWE codes:
134
Suggestion:
Use a constant for the format specification
/* there is no snprintf before Visual C++ 2015 */
#if defined(_MSC_VER) && _MSC_VER < 1900
#define snprintf _snprintf
#endif
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */
Reported by FlawFinder.
Line: 441
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
/* there is no snprintf before Visual C++ 2015 */
#if defined(_MSC_VER) && _MSC_VER < 1900
#define snprintf _snprintf
#endif
/* ref: HEAD -> master, tag: v1.18.2 */
/* git commit: 7e7eb695d581782f04b24dc444cbfde86af59853 */
/* commit time: 2018-07-01 22:49:01 +0200 */
Reported by FlawFinder.
src/third_party/tomcrypt-1.18.2/src/headers/tomcrypt_custom.h
2 issues
Line: 31
Column: 18
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#define XMEMSET memset
#endif
#ifndef XMEMCPY
#define XMEMCPY memcpy
#endif
#ifndef XMEMMOVE
#define XMEMMOVE memmove
#endif
#ifndef XMEMCMP
Reported by FlawFinder.
Line: 58
Column: 34
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#endif
#if ( defined(malloc) || defined(realloc) || defined(calloc) || defined(free) || \
defined(memset) || defined(memcpy) || defined(memcmp) || defined(strcmp) || \
defined(clock) || defined(qsort) ) && !defined(LTC_NO_PROTOTYPES)
#define LTC_NO_PROTOTYPES
#endif
/* shortcut to disable automatic inclusion */
Reported by FlawFinder.
src/third_party/timelib-2021.06/timezonedb.h
2 issues
Line: 605
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
const unsigned char timelib_timezone_db_data_builtin[339811] = {
/* Africa/Abidjan */
0x50, 0x48, 0x50, 0x32, 0x01, 0x43, 0x49, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
Reported by FlawFinder.
Line: 23928
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
const unsigned char timelib_timezone_db_data_builtin[702099] = {
/* Africa/Abidjan */
0x50, 0x48, 0x50, 0x32, 0x01, 0x43, 0x49, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x08, 0x92, 0xE6, 0x92, 0x48,
Reported by FlawFinder.
src/third_party/timelib-2021.06/parse_posix.c
2 issues
Line: 55
Column: 16
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
result[len] = '\0';
return (char*)memcpy(result, s, len);
}
#endif
/* Forwards declrations */
static timelib_posix_trans_info *timelib_posix_trans_info_ctor(void);
Reported by FlawFinder.
Line: 43
Column: 15
CWE codes:
126
static char* timelib_strndup(const char* s, size_t n)
{
char* result;
size_t len = strlen(s);
if (n < len) {
len = n;
}
Reported by FlawFinder.
src/third_party/snappy-1.1.7/snappy-sinksource.cc
2 issues
Line: 77
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void UncheckedByteArraySink::Append(const char* data, size_t n) {
// Do no copying if the caller filled in the result of GetAppendBuffer()
if (data != dest_) {
memcpy(dest_, data, n);
}
dest_ += n;
}
char* UncheckedByteArraySink::GetAppendBuffer(size_t len, char* scratch) {
Reported by FlawFinder.
Line: 91
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void (*deleter)(void*, const char*, size_t),
void *deleter_arg) {
if (data != dest_) {
memcpy(dest_, data, n);
(*deleter)(deleter_arg, data, n);
}
dest_ += n;
}
Reported by FlawFinder.
src/third_party/wiredtiger/test/csuite/wt2246_col_append/main.c
2 issues
Line: 53
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_CURSOR *cursor;
WT_SESSION *session;
uint64_t recno, vrecno;
char buf[64];
conn = opts->conn;
testutil_check(conn->open_session(conn, NULL, NULL, &session));
testutil_check(session->open_cursor(session, opts->uri, NULL, "append", &cursor));
Reported by FlawFinder.
Line: 95
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
clock_t ce, cs;
pthread_t idlist[100];
uint64_t i, id;
char buf[100];
/* Bypass this test for valgrind */
if (testutil_is_flag_set("TESTUTIL_BYPASS_VALGRIND"))
return (EXIT_SUCCESS);
Reported by FlawFinder.