The following issues were found

src/third_party/wiredtiger/test/csuite/wt2447_join_main_table/main.c
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 91 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

    WT_SESSION *session;
    uint64_t maincount;
    int half, i, j;
    char bloom_cfg[128], index1uri[256], index2uri[256], joinuri[256];
    const char *tablename;

    opts = &_opts;
    memset(opts, 0, sizeof(*opts));
    testutil_check(testutil_parse_opts(argc, argv, opts));

            

Reported by FlawFinder.

src/third_party/wiredtiger/test/csuite/wt2403_lsm_workload/main.c
1 issue
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 40 Column: 9 CWE codes: 126

{
    uint64_t x, y;

    y = strlen(str);
    for (x = y; x > y - 8; x--) {
        str[x - 1] = (char)(i % 10) + 48;
        i = i / 10;
    }
}

            

Reported by FlawFinder.

src/third_party/snappy-1.1.7/snappy-stubs-internal.cc
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 37 Column: 3 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

namespace snappy {

void Varint::Append32(string* s, uint32 value) {
  char buf[Varint::kMax32];
  const char* p = Varint::Encode32(buf, value);
  s->append(buf, p - buf);
}

}  // namespace snappy

            

Reported by FlawFinder.

src/third_party/wiredtiger/test/cppsuite/test_harness/util/logger.cxx
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 82 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

        testutil_assert(
          trace_type >= LOG_ERROR && trace_type < sizeof(LOG_LEVELS) / sizeof(LOG_LEVELS[0]));

        char time_buf[64];
        get_time(time_buf, sizeof(time_buf));

        std::ostringstream ss;
        ss << time_buf << "[TID:" << std::this_thread::get_id() << "][" << LOG_LEVELS[trace_type]
           << "]: " << str << std::endl;

            

Reported by FlawFinder.

src/third_party/wiredtiger/test/checkpoint/test_checkpoint.h
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 51 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

typedef struct {
    int id;
    table_type type; /* Type for table. */
    char uri[128];
} COOKIE;

typedef struct {
    char *home;                    /* Home directory */
    const char *checkpoint_name;   /* Checkpoint name */

            

Reported by FlawFinder.

src/third_party/timelib-2021.06/docs/date-from-string.c
1 issue
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 121 Column: 37 CWE codes: 126

	 *
	 * Passing in the "Z" at the end of the string, means the extra timezone gets ignored.
	 * If you *don't* want that, then compile with -DDONT_IGNORE_TZ */
	t = timelib_strtotime(time_string, strlen(time_string), &errors, global.db, cached_tzfile_wrapper);

	/* Error handling */
	if (errors->warning_count) {
		printf("Warnings found while parsing '%s'\n", time_string);
	}

            

Reported by FlawFinder.

src/third_party/timelib-2021.06/docs/date-to-parts.c
1 issue
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 85 Column: 14 CWE codes: 126

              
	/* Convert string to timelib_time, and hence its constituent parts */
	t = timelib_strtotime(
		dt_string, strlen(dt_string),
		&errors,
		global.db,
		cached_tzfile_wrapper
	);
	timelib_update_ts(t, tzi);

            

Reported by FlawFinder.

src/third_party/timelib-2021.06/timelib.h
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 145 Column: 2 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
typedef struct _tlocinfo
{
	char country_code[3];
	double latitude;
	double longitude;
	char *comments;
} tlocinfo;


            

Reported by FlawFinder.

src/third_party/unwind/dist/include/dwarf.h
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 248 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              
typedef struct dwarf_reg_only_state
  {
    char where[DWARF_NUM_PRESERVED_REGS + 2];        /* how is the register saved? */
    unw_word_t val[DWARF_NUM_PRESERVED_REGS + 2];             /* where it's saved */
  }
dwarf_reg_only_state_t;

typedef struct dwarf_reg_state

            

Reported by FlawFinder.

src/third_party/unwind/dist/src/aarch64/Gresume.c
1 issue
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 71 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

      unsigned long sp = uc->uc_mcontext.sp;

      struct regs_overlay {
        char x[sizeof(regs)];
      };

      __asm__ __volatile__ (
        "mov x4, %0\n"
        "mov x5, %1\n"

            

Reported by FlawFinder.