The following issues were found

src/third_party/icu4c-57.1/source/i18n/tzfmt.cpp
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 321 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  const char* region = fLocale.getCountry();
    int32_t regionLen = uprv_strlen(region);
    if (regionLen == 0) {
        char loc[ULOC_FULLNAME_CAPACITY];
        uloc_addLikelySubtags(fLocale.getName(), loc, sizeof(loc), &status);

        regionLen = uloc_getCountry(loc, fTargetRegion, sizeof(fTargetRegion), &status);
        if (U_SUCCESS(status)) {
            fTargetRegion[regionLen] = 0;

Reported by FlawFinder.

src/third_party/boost/boost/random/detail/generator_seed_seq.hpp
1 issues
random - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 19 Column: 11 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values 

              #define BOOST_RANDOM_DETAIL_GENERATOR_SEED_SEQ_HPP_INCLUDED

namespace boost {
namespace random {
namespace detail {

template<class Generator>
class generator_seed_seq {
public:

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/tznames_impl.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 240 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
private:
    Locale fLocale;
    char fRegion[ULOC_COUNTRY_CAPACITY];
};

U_NAMESPACE_END

#endif /* #if !UCONFIG_NO_FORMATTING */

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/tzrule.cpp
1 issues
There is an unknown macro here somewhere. Configuration is required. If UOBJECT_DEFINE_RTTI_IMPLEMENTATION is a macro then please configure it.
Error

Line: 93 

              }


UOBJECT_DEFINE_RTTI_IMPLEMENTATION(InitialTimeZoneRule)

InitialTimeZoneRule::InitialTimeZoneRule(const UnicodeString& name,
                                         int32_t rawOffset,
                                         int32_t dstSavings)
: TimeZoneRule(name, rawOffset, dstSavings) {

Reported by Cppcheck.

src/third_party/boost/boost/random/detail/generator_bits.hpp
1 issues
random - This function is not sufficiently random for security-related functions such as key and nonce creation
Security

Line: 20 Column: 11 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values 

              #include <boost/limits.hpp>

namespace boost {
namespace random {
namespace detail {

// This is a temporary measure that retains backwards
// compatibility.
template<class URNG>

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/unicode/fmtable.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 709 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              
    DigitList            *fDecimalNum;

    char                fStackData[UNUM_INTERNAL_STACKARRAY_SIZE]; // must be big enough for DigitList

    Type                fType;
    UnicodeString       fBogus; // Bogus string when it's needed.
};

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/unicode/measunit.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 1331 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              private:
    int32_t fTypeId;
    int32_t fSubTypeId;
    char fCurrency[4];

    MeasureUnit(int32_t typeId, int32_t subTypeId) : fTypeId(typeId), fSubTypeId(subTypeId) {
        fCurrency[0] = 0;
    }
    void setTo(int32_t typeId, int32_t subTypeId);

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/unicode/numsys.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 188 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  UnicodeString   desc;
    int32_t         radix;
    UBool           algorithmic;
    char            name[NUMSYS_NAME_CAPACITY+1];

    void setRadix(int32_t radix);

    void setAlgorithmic(UBool algorithmic);

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/unicode/region.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 190 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

              #endif  /* U_HIDE_INTERNAL_API */

private:
    char id[4];
    UnicodeString idStr;
    int32_t code;
    URegionType type;
    Region *containingRegion;
    UVector *containedRegions;

Reported by FlawFinder.

src/third_party/icu4c-57.1/source/i18n/unicode/tzfmt.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 677 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length 

                  Locale fLocale;

    /* Stores the region (could be implicit default) */
    char fTargetRegion[ULOC_COUNTRY_CAPACITY];

    /* TimeZoneNames object used by this formatter */
    TimeZoneNames* fTimeZoneNames;

    /* TimeZoneGenericNames object used by this formatter - lazily instantiated */

Reported by FlawFinder.