The following issues were found
src/third_party/boost/boost/asio/is_write_buffered.hpp
1 issues
Line: 35
Column: 37
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
template <typename Stream>
char is_write_buffered_helper(buffered_write_stream<Stream>* s);
struct is_write_buffered_big_type { char data[10]; };
is_write_buffered_big_type is_write_buffered_helper(...);
} // namespace detail
/// The is_write_buffered class is a traits class that may be used to determine
Reported by FlawFinder.
src/third_party/gperftools/dist/src/profiledata.h
1 issues
Line: 84
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct State {
bool enabled; // Is profiling currently enabled?
time_t start_time; // If enabled, when was profiling started?
char profile_name[1024]; // Name of file being written, or '\0'
int samples_gathered; // Number of samples gathered to far (or 0)
};
class Options {
public:
Reported by FlawFinder.
src/third_party/boost/boost/random/piecewise_constant_distribution.hpp
1 issues
Line: 33
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#include <boost/range/end.hpp>
namespace boost {
namespace random {
/**
* The class @c piecewise_constant_distribution models a \random_distribution.
*/
template<class RealType = double, class WeightType = double>
Reported by FlawFinder.
src/third_party/gperftools/dist/src/span.h
1 issues
Line: 81
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// this span into set of large spans. It is used to quickly delete
// spans from those sets. span_iter_space is space for such
// iterator which lifetime is controlled explicitly.
char span_iter_space[sizeof(SpanSet::iterator)];
};
unsigned int refcount : 16; // Number of non-free objects
unsigned int sizeclass : 8; // Size-class for small objects (or 0)
unsigned int location : 2; // Is the span on a freelist, and if so, which?
unsigned int sample : 1; // Sampled object?
Reported by FlawFinder.
src/third_party/gperftools/dist/src/static_vars.h
1 issues
Line: 118
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// we can't depend on initialization order, so pageheap is new'd
// into this buffer.
union PageHeapStorage {
char memory[sizeof(PageHeap)];
uintptr_t extra; // To force alignment
};
ATTRIBUTE_HIDDEN static PageHeapStorage pageheap_;
};
Reported by FlawFinder.
src/third_party/boost/boost/random/niederreiter_base2.hpp
1 issues
Line: 18
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#include <boost/dynamic_bitset.hpp>
namespace boost {
namespace random {
/** @cond */
namespace qrng_detail {
namespace nb2 {
Reported by FlawFinder.
src/third_party/gperftools/dist/src/tcmalloc.h
1 issues
Line: 63
Column: 18
CWE codes:
676
Suggestion:
Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient
extern "C" int posix_memalign(void** ptr, size_t align, size_t size) __THROW;
#endif
#if !HAVE_DECL_MEMALIGN
extern "C" void* memalign(size_t __alignment, size_t __size) __THROW;
#endif
#if !HAVE_DECL_VALLOC
extern "C" void* valloc(size_t __size) __THROW;
#endif
#if !HAVE_DECL_PVALLOC
Reported by FlawFinder.
src/third_party/gperftools/dist/src/tests/getpc_test.cc
1 issues
Line: 85
Column: 3
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
}
// Now make sure the above loop doesn't get optimized out
srand(r);
}
// This is an upper bound of how many bytes the instructions for
// RoutineCallingTheSignal might be. There's probably a more
// principled way to do this, but I don't know how portable it would be.
Reported by FlawFinder.
src/third_party/gperftools/dist/src/tests/malloc_extension_c_test.c
1 issues
Line: 136
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int blocks;
size_t total;
int hist[64];
char buffer[200];
char* x = (char*)malloc(10);
MallocExtension_VerifyAllMemory();
MallocExtension_VerifyMallocMemory(x);
MallocExtension_MallocMemoryStats(&blocks, &total, hist);
Reported by FlawFinder.
src/third_party/gperftools/dist/src/tests/malloc_hook_test.cc
1 issues
Line: 212
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void MultithreadedTestThread(TestHookList* list, int shift,
int thread_num) {
string message;
char buf[64];
for (int i = 1; i < 1000; ++i) {
// In each loop, we insert a unique value, check it exists, remove it, and
// check it doesn't exist. We also record some stats to log at the end of
// each thread. Each insertion location and the length of the list is
// non-deterministic (except for the very first one, over all threads, and
Reported by FlawFinder.