The following issues were found

src/third_party/boost/boost/asio/ip/impl/network_v6.hpp
1 issues
setstate - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 39 Column: 10 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values

                  if (os.exceptions() & std::basic_ostream<Elem, Traits>::failbit)
      boost::asio::detail::throw_error(ec);
    else
      os.setstate(std::basic_ostream<Elem, Traits>::failbit);
  }
  else
    for (std::string::iterator i = s.begin(); i != s.end(); ++i)
      os << os.widen(*i);
  return os;

            

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/decimfmt.cpp
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 79 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              #ifdef FMT_DEBUG
#include <stdio.h>
static void _debugout(const char *f, int l, const UnicodeString& s) {
    char buf[2000];
    s.extract((int32_t) 0, s.length(), buf, "utf-8");
    printf("%s:%d: %s\n", f,l, buf);
}
#define debugout(x) _debugout(__FILE__,__LINE__,x)
#define debug(x) printf("%s:%d: %s\n", __FILE__,__LINE__, x);

            

Reported by FlawFinder.

src/third_party/boost/boost/random/detail/niederreiter_base2_table.hpp
1 issues
random - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 16 Column: 11 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values

              #include <cstddef>

namespace boost {
namespace random {

namespace detail {
namespace qrng_tables {

// Maximum allowed space dimension. This number of dimensions has been

            

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/dtfmtsym.cpp
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 170 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              const SharedDateFormatSymbols *
        LocaleCacheKey<SharedDateFormatSymbols>::createObject(
                const void * /*unusedContext*/, UErrorCode &status) const {
    char type[256];
    Calendar::getCalendarTypeFromLocale(fLoc, type, UPRV_LENGTHOF(type), status);
    if (U_FAILURE(status)) {
        return NULL;
    }
    SharedDateFormatSymbols *shared

            

Reported by FlawFinder.

src/third_party/boost/boost/random/detail/large_arithmetic.hpp
1 issues
random - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 24 Column: 11 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values

              #include <boost/random/detail/disable_warnings.hpp>

namespace boost {
namespace random {
namespace detail {

struct div_t {
    boost::uintmax_t quotient;
    boost::uintmax_t remainder;

            

Reported by FlawFinder.

src/third_party/boost/boost/random/detail/integer_log2.hpp
1 issues
random - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 22 Column: 11 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values

              #include <boost/integer/integer_log2.hpp>

namespace boost {
namespace random {
namespace detail {

#if !defined(BOOST_NO_CXX11_CONSTEXPR)
#define BOOST_RANDOM_DETAIL_CONSTEXPR constexpr
#elif defined(BOOST_MSVC)

            

Reported by FlawFinder.

src/third_party/boost/boost/asio/ip/impl/network_v4.hpp
1 issues
setstate - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 40 Column: 10 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values

                  if (os.exceptions() & std::basic_ostream<Elem, Traits>::failbit)
      boost::asio::detail::throw_error(ec);
    else
      os.setstate(std::basic_ostream<Elem, Traits>::failbit);
  }
  else
    for (std::string::iterator i = s.begin(); i != s.end(); ++i)
      os << os.widen(*i);
  return os;

            

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/fmtable.cpp
1 issues
equal - Function does not check the second iterator for over-read conditions
Security

Line: 323 Column: 12 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                  }

    // TODO:  compare digit lists if numeric.
    return equal;
}

// -------------------------------------

Formattable::~Formattable()

            

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/msgfmt.cpp
1 issues
Possible null pointer dereference: parseError
Error

Line: 515 CWE codes: 476

                  if (aposMode != msgPattern.getApostropheMode()) {
        msgPattern.clearPatternAndSetApostropheMode(aposMode);
    }
    applyPattern(pattern, *parseError, status);
}

// -------------------------------------
// Converts this MessageFormat instance to a pattern.


            

Reported by Cppcheck.

src/third_party/icu4c-57.1/source/i18n/nfsubs.cpp
1 issues
There is an unknown macro here somewhere. Configuration is required. If UOBJECT_DEFINE_RTTI_IMPLEMENTATION is a macro then please configure it.
Error

Line: 507

              // boilerplate
//-----------------------------------------------------------------------

UOBJECT_DEFINE_RTTI_IMPLEMENTATION(NFSubstitution)

/**
 * Compares two substitutions for equality
 * @param The substitution to compare this one to
 * @return true if the two substitutions are functionally equivalent

            

Reported by Cppcheck.