The following issues were found
src/third_party/gperftools/platform/linux_ppc64le/include/gperftools/profiler.h
1 issue
Line: 160
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Snapshot of the profiler's state: an enabled flag, a start time, the
 * profile file name and a sample count. Presumably filled in through the
 * out-parameter of ProfilerGetCurrentState() declared below; the
 * implementation is not shown here.
 */
struct ProfilerState {
int enabled; /* Is profiling currently enabled? */
time_t start_time; /* If enabled, when was profiling started? */
/*
 * Fixed 1024-byte buffer; a statically sized char array is the kind of
 * declaration a CWE-119/120 scanner hit points at. The declaration copies
 * nothing by itself: any overflow would come from the code that writes
 * the name, which is outside this excerpt.
 * NOTE(review): confirm the writer limits its copy to sizeof(profile_name)
 * and always NUL-terminates, so a longer path is truncated, not overrun.
 */
char profile_name[1024]; /* Name of profile file being written, or '\0' */
int samples_gathered; /* Number of samples gathered so far (or 0) */
};
/*
 * Takes a caller-provided ProfilerState and returns nothing.
 * NOTE(review): presumably state must be non-NULL and is fully overwritten;
 * verify against the implementation.
 */
PERFTOOLS_DLL_DECL void ProfilerGetCurrentState(struct ProfilerState* state);
/* Returns the current stack trace, to be called from a SIGPROF handler. */
Reported by FlawFinder.
src/third_party/gperftools/platform/linux_s390x/include/gperftools/profiler.h
1 issue
Line: 160
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Snapshot of the profiler's state: an enabled flag, a start time, the
 * profile file name and a sample count. Presumably filled in through the
 * out-parameter of ProfilerGetCurrentState() declared below; the
 * implementation is not shown here.
 */
struct ProfilerState {
int enabled; /* Is profiling currently enabled? */
time_t start_time; /* If enabled, when was profiling started? */
/*
 * Fixed 1024-byte buffer; a statically sized char array is the kind of
 * declaration a CWE-119/120 scanner hit points at. The declaration copies
 * nothing by itself: any overflow would come from the code that writes
 * the name, which is outside this excerpt.
 * NOTE(review): confirm the writer limits its copy to sizeof(profile_name)
 * and always NUL-terminates, so a longer path is truncated, not overrun.
 */
char profile_name[1024]; /* Name of profile file being written, or '\0' */
int samples_gathered; /* Number of samples gathered so far (or 0) */
};
/*
 * Takes a caller-provided ProfilerState and returns nothing.
 * NOTE(review): presumably state must be non-NULL and is fully overwritten;
 * verify against the implementation.
 */
PERFTOOLS_DLL_DECL void ProfilerGetCurrentState(struct ProfilerState* state);
/* Returns the current stack trace, to be called from a SIGPROF handler. */
Reported by FlawFinder.
src/third_party/gperftools/platform/linux_x86_64/include/gperftools/profiler.h
1 issue
Line: 160
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Snapshot of the profiler's state: an enabled flag, a start time, the
 * profile file name and a sample count. Presumably filled in through the
 * out-parameter of ProfilerGetCurrentState() declared below; the
 * implementation is not shown here.
 */
struct ProfilerState {
int enabled; /* Is profiling currently enabled? */
time_t start_time; /* If enabled, when was profiling started? */
/*
 * Fixed 1024-byte buffer; a statically sized char array is the kind of
 * declaration a CWE-119/120 scanner hit points at. The declaration copies
 * nothing by itself: any overflow would come from the code that writes
 * the name, which is outside this excerpt.
 * NOTE(review): confirm the writer limits its copy to sizeof(profile_name)
 * and always NUL-terminates, so a longer path is truncated, not overrun.
 */
char profile_name[1024]; /* Name of profile file being written, or '\0' */
int samples_gathered; /* Number of samples gathered so far (or 0) */
};
/*
 * Takes a caller-provided ProfilerState and returns nothing.
 * NOTE(review): presumably state must be non-NULL and is fully overwritten;
 * verify against the implementation.
 */
PERFTOOLS_DLL_DECL void ProfilerGetCurrentState(struct ProfilerState* state);
/* Returns the current stack trace, to be called from a SIGPROF handler. */
Reported by FlawFinder.
src/third_party/gperftools/platform/windows_x86_64/include/gperftools/profiler.h
1 issue
Line: 160
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Snapshot of the profiler's state: an enabled flag, a start time, the
 * profile file name and a sample count. Presumably filled in through the
 * out-parameter of ProfilerGetCurrentState() declared below; the
 * implementation is not shown here.
 */
struct ProfilerState {
int enabled; /* Is profiling currently enabled? */
time_t start_time; /* If enabled, when was profiling started? */
/*
 * Fixed 1024-byte buffer; a statically sized char array is the kind of
 * declaration a CWE-119/120 scanner hit points at. The declaration copies
 * nothing by itself: any overflow would come from the code that writes
 * the name, which is outside this excerpt.
 * NOTE(review): confirm the writer limits its copy to sizeof(profile_name)
 * and always NUL-terminates, so a longer path is truncated, not overrun.
 */
char profile_name[1024]; /* Name of profile file being written, or '\0' */
int samples_gathered; /* Number of samples gathered so far (or 0) */
};
/*
 * Takes a caller-provided ProfilerState and returns nothing.
 * NOTE(review): presumably state must be non-NULL and is fully overwritten;
 * verify against the implementation.
 */
PERFTOOLS_DLL_DECL void ProfilerGetCurrentState(struct ProfilerState* state);
/* Returns the current stack trace, to be called from a SIGPROF handler. */
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/locmap.c
1 issue
Line: 1023
Column: 5
CWE codes:
119
120
Suggestion:
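Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. In the excerpt below, the GetLocaleInfoA call is passed the array's length through UPRV_LENGTHOF(locName); check that the later uses of locName and tmpLen, which are outside the excerpt, stay within that bound.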
#ifdef USE_WINDOWS_LOCALE_API
int32_t tmpLen = 0;
char locName[157]; /* ULOC_FULLNAME_CAPACITY */
tmpLen = GetLocaleInfoA(hostid, LOCALE_SNAME, (LPSTR)locName, UPRV_LENGTHOF(locName));
if (tmpLen > 1) {
/* Windows locale name may contain sorting variant, such as "es-ES_tradnl".
In such case, we need special mapping data found in the hardcoded table
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/locutil.cpp
1 issue
Line: 168
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
*
* There should be only at most one '@' in a locale ID.
*/
char buffer[BUFLEN];
int32_t prev, i;
prev = 0;
for(;;) {
i = id.indexOf((UChar)0x40, prev);
if(i < 0) {
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/messagepattern.cpp
1 issue
Line: 980
Column: 9
CWE codes:
119
120
Suggestion:
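Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. In the excerpt below, the length is already compared with the buffer capacity and an over-long number is rejected; check that the code that fills numberChars, which is outside the excerpt, uses the same bound.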
c=msg.charAt(index++);
}
// Let Double.parseDouble() throw a NumberFormatException.
char numberChars[128];
int32_t capacity=(int32_t)sizeof(numberChars);
int32_t length=limit-start;
if(length>=capacity) {
break; // number too long
}
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/propname.cpp
1 issue
Line: 291
/**
 * C API wrapper: forwards both arguments unchanged to
 * PropNameData::getPropertyName() and hands back whatever it returns.
 *
 * @param property   Property selector, passed through as-is.
 * @param nameChoice Name-form selector, passed through as-is.
 * @return The pointer produced by PropNameData::getPropertyName().
 *
 * NOTE(review): this wrapper does no validation of its own, so whether the
 * result can be null and how long it stays valid are decided by
 * PropNameData::getPropertyName(), which is not shown here. Confirm before
 * dereferencing.
 */
U_CAPI const char* U_EXPORT2
u_getPropertyName(UProperty property, UPropertyNameChoice nameChoice) {
    U_NAMESPACE_USE
    const char* const propertyName =
        PropNameData::getPropertyName(property, nameChoice);
    return propertyName;
}
U_CAPI UProperty U_EXPORT2
u_getPropertyEnum(const char* alias) {
Reported by Cppcheck.
src/third_party/icu4c-57.1/source/common/rbbi.cpp
1 issue
Line: 295
Column: 26
CWE codes:
807
20
Suggestion:
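Check environment variables carefully before using them. In the excerpt below, the U_RBBIDEBUG value is only searched for the substring "trace", and only when RBBI_DEBUG is defined; confirm that RBBI_DEBUG is not defined in release builds.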
#ifdef RBBI_DEBUG
static UBool debugInitDone = FALSE;
if (debugInitDone == FALSE) {
char *debugEnv = getenv("U_RBBIDEBUG");
if (debugEnv && uprv_strstr(debugEnv, "trace")) {
fTrace = TRUE;
}
debugInitDone = TRUE;
}
Reported by FlawFinder.
src/third_party/icu4c-57.1/source/common/rbbidata.cpp
1 issue
Line: 153
Column: 22
CWE codes:
807
20
Suggestion:
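Check environment variables carefully before using them. In the excerpt below, the U_RBBIDEBUG value is only searched for the substring "data" to decide whether printData() runs, and only when RBBI_DEBUG is defined; confirm that RBBI_DEBUG is not defined in release builds.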
fRefCount = 1;
#ifdef RBBI_DEBUG
char *debugEnv = getenv("U_RBBIDEBUG");
if (debugEnv && uprv_strstr(debugEnv, "data")) {this->printData();}
#endif
}
Reported by FlawFinder.