The following issues were found
src/third_party/mozjs-60/extract/mfbt/Attributes.h
1 issues
Line: 800
Column: 29
CWE codes:
134
Suggestion:
Use a constant for the format specification
__attribute__ ((format (__MINGW_PRINTF_FORMAT, stringIndex, firstToCheck)))
#elif __GNUC__
#define MOZ_FORMAT_PRINTF(stringIndex, firstToCheck) \
__attribute__ ((format (printf, stringIndex, firstToCheck)))
#else
#define MOZ_FORMAT_PRINTF(stringIndex, firstToCheck)
#endif
/**
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mfbt/HashFunctions.cpp
1 issues
Line: 27
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (; i < aLength - (aLength % sizeof(size_t)); i += sizeof(size_t)) {
/* Do an explicitly unaligned load of the data. */
size_t data;
memcpy(&data, b + i, sizeof(size_t));
hash = AddToHash(hash, data, sizeof(data));
}
/* Get the remaining bytes. */
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mfbt/JSONWriter.cpp
1 issues
Line: 16
Column: 7
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// represented with a two-char escape sequence. The value is the second char in
// the sequence, that which follows the initial backslash.
#define ___ 0
const char gTwoCharEscapes[256] = {
/* 0 1 2 3 4 5 6 7 8 9 */
/* 0+ */ ___, ___, ___, ___, ___, ___, ___, ___, 'b', 't',
/* 10+ */ 'n', ___, 'f', 'r', ___, ___, ___, ___, ___, ___,
/* 20+ */ ___, ___, ___, ___, ___, ___, ___, ___, ___, ___,
/* 30+ */ ___, ___, ___, ___, '"', ___, ___, ___, ___, ___,
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mfbt/Maybe.h
1 issues
Line: 111
Column: 37
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
template<class T>
class MOZ_NON_PARAM MOZ_INHERIT_TYPE_ANNOTATIONS_FROM_TEMPLATE_ARGS Maybe
{
MOZ_ALIGNAS_IN_STRUCT(T) unsigned char mStorage[sizeof(T)];
char mIsSome; // not bool -- guarantees minimal space consumption
// GCC fails due to -Werror=strict-aliasing if |mStorage| is directly cast to
// T*. Indirecting through these functions addresses the problem.
void* data() { return mStorage; }
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mfbt/MaybeOneOf.h
1 issues
Line: 48
Column: 38
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static constexpr size_t StorageSize =
tl::Max<sizeof(T1), sizeof(T2)>::value;
alignas(StorageAlignment) unsigned char storage[StorageSize];
// GCC fails due to -Werror=strict-aliasing if |storage| is directly cast to
// T*. Indirecting through these functions addresses the problem.
void* data() { return storage; }
const void* data() const { return storage; }
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mfbt/Poison.h
1 issues
Line: 46
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
char* limit = p + (aSize & ~(sizeof(uintptr_t) - 1));
MOZ_ASSERT(aSize >= sizeof(uintptr_t), "poisoning this object has no effect");
for (; p < limit; p += sizeof(uintptr_t)) {
memcpy(p, &POISON, sizeof(POISON));
}
}
/**
* Initialize the poison value.
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mfbt/SegmentedVector.h
1 issues
Line: 107
Column: 7
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// The union ensures that the elements are appropriately aligned.
union Storage
{
char mBuf[sizeof(T) * SegmentCapacity];
mozilla::AlignedElem<MOZ_ALIGNOF(T)> mAlign;
} mStorage;
static_assert(MOZ_ALIGNOF(T) == MOZ_ALIGNOF(Storage),
"SegmentedVector provides incorrect alignment");
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mfbt/Sprintf.h
1 issues
Line: 25
Column: 18
CWE codes:
134
Suggestion:
Use a constant for the format specification
int VsprintfLiteral(char (&buffer)[N], const char* format, va_list args)
{
MOZ_ASSERT(format != buffer);
int result = vsnprintf(buffer, N, format, args);
buffer[N - 1] = '\0';
return result;
}
template <size_t N>
Reported by FlawFinder.
src/third_party/mozjs-60/extract/mfbt/Vector.h
1 issues
Line: 413
Column: 25
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{}
CRAndStorage() = default;
alignas(T) unsigned char mBytes[Capacity * sizeof(T)];
// GCC fails due to -Werror=strict-aliasing if |mBytes| is directly cast to
// T*. Indirecting through this function addresses the problem.
void* data() { return mBytes; }
Reported by FlawFinder.
src/third_party/boost/boost/exception/exception.hpp
1 issues
Line: 351
Column: 29
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
};
struct large_size { char c[256]; };
large_size dispatch_boost_exception( exception const * );
struct small_size { };
small_size dispatch_boost_exception( void const * );
Reported by FlawFinder.