Codekhana

src/third_party/mozjs-60/extract/js/src/frontend/BinTokenReaderTester.cpp

1 issues

equal - Function does not check the second iterator for over-read conditions

Security

Line: 253 Column: 15 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                      return false;

    // Perform lookup, without side-effects.
    if (!std::equal(current_, current_ + N - 1 /*implicit NUL*/, value))
        return false;

    // Looks like we have a match. Now perform side-effects
    current_ += N - 1;
    updateLatestKnownGood();

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/frontend/BinTokenReaderTester.h

1 issues

equal - Function does not check the second iterator for over-read conditions

Security

Line: 353 Column: 19 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                      if (left.length() + 1 /* implicit NUL */ != N)
            return false;

        if (!std::equal(left.begin(), left.end(), right))
          return false;

        return true;
    }
};

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/frontend/BytecodeEmitter.cpp

1 issues

There is an unknown macro here somewhere. Configuration is required. If JS_FRIEND_API is a macro then please configure it.

Error

Line: 11416

                  return js_SrcNoteSpec[SN_TYPE(sn)].arity;
}

JS_FRIEND_API(unsigned)
js::SrcNoteLength(jssrcnote* sn)
{
    unsigned arity;
    jssrcnote* base;

Reported by Cppcheck.

src/third_party/mozjs-60/extract/js/src/frontend/GenerateReservedWords.py

1 issues

invalid syntax (<unknown>, line 83)

Error

Line: 83 Column: 52

                      per_column = column_dict.setdefault(word[column], [])
        per_column.append(item)

    return sorted(column_dict.items(), key=lambda (char, word): ord(char))

def generate_letter_switch(opt, unprocessed_columns, reserved_word_list,
                           columns=None):
    assert(len(reserved_word_list) != 0);

Reported by Pylint.

src/third_party/boost/boost/multi_index/detail/ord_index_impl.hpp

1 issues

equal - Function does not check the second iterator for over-read conditions

Security

Line: 1515 Column: 35 CWE codes: 126
Suggestion: This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it

                const ordered_index<
    KeyFromValue2,Compare2,SuperMeta2,TagList2,Category2,AugmentPolicy2>& y)
{
  return x.size()==y.size()&&std::equal(x.begin(),x.end(),y.begin());
}

template<
  typename KeyFromValue1,typename Compare1,
  typename SuperMeta1,typename TagList1,typename Category1,

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/frontend/SyntaxParseHandler.h

1 issues

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)

Security

Line: 182 Column: 25 CWE codes: 126

                      lastAtom = name;
        if (name == cx->names().arguments)
            return NodeArgumentsName;
        if (pos.begin + strlen("async") == pos.end && name == cx->names().async)
            return NodePotentialAsyncKeyword;
        if (name == cx->names().eval)
            return NodeEvalName;
        return NodeName;
    }

Reported by FlawFinder.

src/third_party/mozjs-60/extract/js/src/gc/Allocator.cpp

1 issues

There is an unknown macro here somewhere. Configuration is required. If FOR_EACH_NURSERY_STRING_ALLOCKIND is a macro then please configure it.

Error

Line: 210

              #define DECL_ALLOCATOR_INSTANCES(allocKind, traceKind, type, sizedType, bgfinal, nursery) \
    template type* js::AllocateString<type, NoGC>(JSContext* cx, InitialHeap heap);\
    template type* js::AllocateString<type, CanGC>(JSContext* cx, InitialHeap heap);
FOR_EACH_NURSERY_STRING_ALLOCKIND(DECL_ALLOCATOR_INSTANCES)
#undef DECL_ALLOCATOR_INSTANCES

template <typename T, AllowGC allowGC /* = CanGC */>
T*
js::Allocate(JSContext* cx)

Reported by Cppcheck.

src/third_party/mozjs-60/extract/js/src/gc/Barrier.cpp

1 issues

There is an unknown macro here somewhere. Configuration is required. If JS_PUBLIC_API is a macro then please configure it.

Error

Line: 231

              
} // namespace js

JS_PUBLIC_API(void)
JS::HeapObjectPostBarrier(JSObject** objp, JSObject* prev, JSObject* next)
{
    MOZ_ASSERT(objp);
    js::InternalBarrierMethods<JSObject*>::postBarrier(objp, prev, next);
}

Reported by Cppcheck.

src/third_party/boost/boost/multi_index/detail/index_node_base.hpp

1 issues

access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition

Security

Line: 75 Column: 38 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly

              
private:
#if !defined(BOOST_MULTI_INDEX_DISABLE_SERIALIZATION)
  friend class boost::serialization::access;
  
  /* nodes do not emit any kind of serialization info. They are
   * fed to Boost.Serialization so that pointers to nodes are
   * tracked correctly.
   */

Reported by FlawFinder.

src/third_party/boost/boost/multi_index/detail/bucket_array.hpp

1 issues

access - This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition

Security

Line: 196 Column: 38 CWE codes: 362/367!
Suggestion: Set up the correct permissions (e.g., using setuid()) and try to open the file directly

                }

#if !defined(BOOST_MULTI_INDEX_DISABLE_SERIALIZATION)
  friend class boost::serialization::access;
  
  /* bucket_arrays do not emit any kind of serialization info. They are
   * fed to Boost.Serialization as hashed index iterators need to track
   * them during serialization.
   */

Reported by FlawFinder.

Modal title

The following issues were found

src/third_party/mozjs-60/extract/js/src/frontend/BinTokenReaderTester.cpp

1 issues

src/third_party/mozjs-60/extract/js/src/frontend/BinTokenReaderTester.h

1 issues

src/third_party/mozjs-60/extract/js/src/frontend/BytecodeEmitter.cpp

1 issues

src/third_party/mozjs-60/extract/js/src/frontend/GenerateReservedWords.py

1 issues

src/third_party/boost/boost/multi_index/detail/ord_index_impl.hpp

1 issues

src/third_party/mozjs-60/extract/js/src/frontend/SyntaxParseHandler.h

1 issues

src/third_party/mozjs-60/extract/js/src/gc/Allocator.cpp

1 issues

src/third_party/mozjs-60/extract/js/src/gc/Barrier.cpp

1 issues

src/third_party/boost/boost/multi_index/detail/index_node_base.hpp

1 issues

src/third_party/boost/boost/multi_index/detail/bucket_array.hpp

1 issues