Codekhana

src/third_party/mozjs-60/extract/mozglue/misc/TimeStamp.cpp

1 issues

getenv - Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once

Security

Line: 57 Column: 27 CWE codes: 807 20
Suggestion: Check environment variables carefully before using them

                }

  if (sInitOnce.mProcessCreation.IsNull()) {
    char* mozAppRestart = getenv("MOZ_APP_RESTART");
    TimeStamp ts;

    /* When calling PR_SetEnv() with an empty value the existing variable may
     * be unset or set to the empty string depending on the underlying platform
     * thus we have to check if the variable is present and not empty. */

Reported by FlawFinder.

src/third_party/mozjs-60/include/js/Principals.h

1 issues

read - Check buffer boundaries if used in a loop including recursive loops

Security

Line: 129 Column: 65 CWE codes: 120 20

               * buffer. The initialization can be done only once per JS runtime.
 */
extern JS_PUBLIC_API(void)
JS_InitReadPrincipalsCallback(JSContext* cx, JSReadPrincipalsOp read);


#endif  /* js_Principals_h */

Reported by FlawFinder.

src/third_party/mozjs-60/include/js/ProfilingFrameIterator.h

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 57 Column: 29 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                  Kind kind_;

    static const unsigned StorageSpace = 8 * sizeof(void*);
    alignas(void*) unsigned char storage_[StorageSpace];

    void* storage() { return storage_; }
    const void* storage() const { return storage_; }

    js::wasm::ProfilingFrameIterator& wasmIter() {

Reported by FlawFinder.

src/third_party/mozjs-60/include/malloc_decls.h

1 issues

memalign - On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct

Security

Line: 41 Column: 13 CWE codes: 676
Suggestion: Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient

              MALLOC_DECL(calloc, void*, size_t, size_t)
MALLOC_DECL(realloc, void*, void*, size_t)
MALLOC_DECL(free, void, void*)
MALLOC_DECL(memalign, void*, size_t, size_t)
#endif
#if MALLOC_FUNCS & MALLOC_FUNCS_MALLOC_EXTRA
MALLOC_DECL(posix_memalign, int, void**, size_t, size_t)
MALLOC_DECL(aligned_alloc, void*, size_t, size_t)
MALLOC_DECL(valloc, void*, size_t)

Reported by FlawFinder.

src/third_party/mozjs-60/include/mozilla/Alignment.h

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 127 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              {
  union U
  {
    char mBytes[sizeof(T)];
    uint64_t mDummy;
  } u;

  const T* addr() const { return reinterpret_cast<const T*>(u.mBytes); }
  T* addr() { return static_cast<T*>(static_cast<void*>(u.mBytes)); }

Reported by FlawFinder.

src/third_party/mozjs-60/include/mozilla/Assertions.h

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 113 Column: 15 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                    * to avoid conflicts (see below).
      */
#    define MOZ_STATIC_ASSERT(cond, reason) \
       extern char MOZ_STATIC_ASSERT_GLUE(moz_static_assert, __LINE__)[(cond) ? 1 : -1]
#  elif defined(__COUNTER__)
     /*
      * If there was no preferred alternative, use a compiler-agnostic version.
      *
      * Note that the non-__COUNTER__ version has a bug in C++: it can't be used

Reported by FlawFinder.

src/third_party/mozjs-60/include/mozilla/Attributes.h

1 issues

printf - If format strings can be influenced by an attacker, they can be exploited

Security

Line: 800 Column: 29 CWE codes: 134
Suggestion: Use a constant for the format specification

                  __attribute__ ((format (__MINGW_PRINTF_FORMAT, stringIndex, firstToCheck)))
#elif __GNUC__
#define MOZ_FORMAT_PRINTF(stringIndex, firstToCheck)  \
    __attribute__ ((format (printf, stringIndex, firstToCheck)))
#else
#define MOZ_FORMAT_PRINTF(stringIndex, firstToCheck)
#endif

/**

Reported by FlawFinder.

src/third_party/boost/boost/coroutine/exceptions.hpp

1 issues

system - This causes a new program to execute and is difficult to use safely

Security

Line: 44 Column: 11 CWE codes: 78
Suggestion: try using a library call that implements the same functionality if available

              
}

namespace system {

template<>
struct is_error_code_enum< coroutines::coroutine_errc > : public true_type
{};

Reported by FlawFinder.

src/third_party/mozjs-60/include/mozilla/Maybe.h

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 111 Column: 37 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              template<class T>
class MOZ_NON_PARAM MOZ_INHERIT_TYPE_ANNOTATIONS_FROM_TEMPLATE_ARGS Maybe
{
  MOZ_ALIGNAS_IN_STRUCT(T) unsigned char mStorage[sizeof(T)];
  char mIsSome; // not bool -- guarantees minimal space consumption

  // GCC fails due to -Werror=strict-aliasing if |mStorage| is directly cast to
  // T*.  Indirecting through these functions addresses the problem.
  void* data() { return mStorage; }

Reported by FlawFinder.

src/third_party/mozjs-60/include/mozilla/MaybeOneOf.h

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 48 Column: 38 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                static constexpr size_t StorageSize =
    tl::Max<sizeof(T1), sizeof(T2)>::value;

  alignas(StorageAlignment) unsigned char storage[StorageSize];

  // GCC fails due to -Werror=strict-aliasing if |storage| is directly cast to
  // T*.  Indirecting through these functions addresses the problem.
  void* data() { return storage; }
  const void* data() const { return storage; }

Reported by FlawFinder.

Modal title

The following issues were found

src/third_party/mozjs-60/extract/mozglue/misc/TimeStamp.cpp

1 issues

src/third_party/mozjs-60/include/js/Principals.h

1 issues

src/third_party/mozjs-60/include/js/ProfilingFrameIterator.h

1 issues

src/third_party/mozjs-60/include/malloc_decls.h

1 issues

src/third_party/mozjs-60/include/mozilla/Alignment.h

1 issues

src/third_party/mozjs-60/include/mozilla/Assertions.h

1 issues

src/third_party/mozjs-60/include/mozilla/Attributes.h

1 issues

src/third_party/boost/boost/coroutine/exceptions.hpp

1 issues

src/third_party/mozjs-60/include/mozilla/Maybe.h

1 issues

src/third_party/mozjs-60/include/mozilla/MaybeOneOf.h

1 issues