The following issues were found
src/third_party/s2/strings/stringprintf.cc
1 issues
Line: 18
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// An empty block of zero for filler arguments. This is const so that if
// printf tries to write to it (via %n) then the program gets a SIGSEGV
// and we can fix the problem or protect against an attack.
static const char string_printf_empty_block [256] = { '\0' };
string StringPrintfVector(const char* format, const vector<string>& v) {
CHECK_LE(v.size(), static_cast<size_t>(kStringPrintfVectorMaxArgs))
<< "StringPrintfVector currently only supports up to "
<< kStringPrintfVectorMaxArgs << " arguments. "
Reported by FlawFinder.
src/third_party/boost/boost/container/pmr/resource_adaptor.hpp
1 issues
Line: 188
Column: 15
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
//Store bookeeping data. Use memcpy as the underlying memory might be unaligned for
//a pointer (e.g. 2 byte alignment in 32 bit, 4 byte alignment in 64 bit)
std::memcpy(priv_bookeeping_addr_from_aligned_ptr(aligned_ptr), &p, sizeof(p));
return aligned_ptr;
}
return 0;
}
Reported by FlawFinder.
src/third_party/s2/util/coding/coder.cc
1 issues
Line: 45
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int new_capacity = max(current_len + N, 2 * current_len);
unsigned char* new_buffer = new unsigned char[new_capacity];
memcpy(new_buffer, underlying_buffer_, current_len);
if (underlying_buffer_ != &kEmptyBuffer) {
delete[] underlying_buffer_;
}
underlying_buffer_ = new_buffer;
Reported by FlawFinder.
src/third_party/s2/util/coding/varint.h
1 issues
Line: 148
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void Append64Slow(string* s, uint64 value);
// Mapping from rightmost bit set to the number of bytes required
static const char length32_bytes_required[33];
};
/***** Implementation details; clients should ignore *****/
inline const char* Varint::Parse32FallbackInline(const char* p,
Reported by FlawFinder.
src/third_party/boost/boost/container/detail/version_type.hpp
1 issues
Line: 56
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct has_version
{
private:
struct two {char _[2];};
template <class U> static two test(...);
template <class U> static char test(const typename U::version*);
public:
static const bool value = sizeof(test<T>(0)) == 1;
void dummy(){}
Reported by FlawFinder.
src/third_party/boost/boost/container/detail/pair.hpp
1 issues
Line: 200
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
template <class T1, class T2, std::size_t N>
struct pair_padding
{
char padding[N];
};
template <class T1, class T2>
struct pair_padding<T1, T2, 0>
{
Reported by FlawFinder.
src/third_party/boost/boost/container/detail/mutex.hpp
1 issues
Line: 207
Column: 9
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
public:
mutex()
{ InitializeCriticalSection(&mtx); }
~mutex()
{ DeleteCriticalSection(&mtx); }
void lock()
Reported by FlawFinder.
src/third_party/boost/boost/container/detail/dispatch_uses_allocator.hpp
1 issues
Line: 54
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
typedef char yes_type;
struct no_type
{ char padding[2]; };
template<std::size_t N>
struct dummy;
template<class X>
Reported by FlawFinder.
src/third_party/boost/boost/container/detail/advanced_insert_int.hpp
1 issues
Line: 537
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct has_single_value
{
private:
struct two {char array_[2];};
template<bool Arg> struct wrapper;
template <class U> static two test(int, ...);
template <class U> static char test(int, const wrapper<U::single_value>*);
public:
static const bool value = sizeof(test<T>(0, 0)) == 1;
Reported by FlawFinder.
src/third_party/boost/boost/container/allocator_traits.hpp
1 issues
Line: 383
Column: 44
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
//! <b>Returns</b>: <code>true</code> if <code>is_always_equal::value == true</code>, otherwise,
//! <code>a == b</code>.
BOOST_CONTAINER_FORCEINLINE static bool equal(const Allocator &a, const Allocator &b) BOOST_NOEXCEPT_OR_NOTHROW
{
dtl::bool_<is_always_equal::value> flag;
return allocator_traits::priv_equal(flag, a, b);
}
Reported by FlawFinder.