The following issues were found
src/third_party/mozjs-60/extract/js/src/jit/x64/CodeGenerator-x64.cpp
27 issues
Line: 385
Column: 59
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
void
CodeGeneratorX64::wasmStore(const wasm::MemoryAccessDesc& access, const LAllocation* value,
Operand dstAddr)
{
if (value->isConstant()) {
MOZ_ASSERT(!access.isSimd());
Reported by FlawFinder.
Line: 389
Column: 21
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
Operand dstAddr)
{
if (value->isConstant()) {
MOZ_ASSERT(!access.isSimd());
masm.memoryBarrierBefore(access.sync());
const MConstant* mir = value->toConstant();
Imm32 cst = Imm32(mir->type() == MIRType::Int32 ? mir->toInt32() : mir->toInt64());
Reported by FlawFinder.
Line: 391
Column: 34
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (value->isConstant()) {
MOZ_ASSERT(!access.isSimd());
masm.memoryBarrierBefore(access.sync());
const MConstant* mir = value->toConstant();
Imm32 cst = Imm32(mir->type() == MIRType::Int32 ? mir->toInt32() : mir->toInt64());
size_t storeOffset = masm.size();
Reported by FlawFinder.
Line: 397
Column: 17
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
Imm32 cst = Imm32(mir->type() == MIRType::Int32 ? mir->toInt32() : mir->toInt64());
size_t storeOffset = masm.size();
switch (access.type()) {
case Scalar::Int8:
case Scalar::Uint8:
masm.movb(cst, dstAddr);
break;
case Scalar::Int16:
Reported by FlawFinder.
Line: 421
Column: 21
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
case Scalar::MaxTypedArrayViewType:
MOZ_CRASH("unexpected array type");
}
masm.append(access, storeOffset, masm.framePushed());
masm.memoryBarrierAfter(access.sync());
} else {
masm.wasmStore(access, ToAnyRegister(value), dstAddr);
}
Reported by FlawFinder.
Line: 423
Column: 33
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
masm.append(access, storeOffset, masm.framePushed());
masm.memoryBarrierAfter(access.sync());
} else {
masm.wasmStore(access, ToAnyRegister(value), dstAddr);
}
}
Reported by FlawFinder.
Line: 425
Column: 24
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
masm.memoryBarrierAfter(access.sync());
} else {
masm.wasmStore(access, ToAnyRegister(value), dstAddr);
}
}
template <typename T>
void
Reported by FlawFinder.
Line: 435
Column: 28
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
{
const MWasmLoad* mir = ins->mir();
uint32_t offset = mir->access().offset();
MOZ_ASSERT(offset < wasm::OffsetGuardLimit);
const LAllocation* ptr = ins->ptr();
Operand srcAddr = ptr->isBogus()
? Operand(HeapReg, offset)
Reported by FlawFinder.
Line: 444
Column: 31
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
: Operand(HeapReg, ToRegister(ptr), TimesOne, offset);
if (mir->type() == MIRType::Int64)
masm.wasmLoadI64(mir->access(), srcAddr, ToOutRegister64(ins));
else
masm.wasmLoad(mir->access(), srcAddr, ToAnyRegister(ins->output()));
}
void
Reported by FlawFinder.
Line: 446
Column: 28
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
if (mir->type() == MIRType::Int64)
masm.wasmLoadI64(mir->access(), srcAddr, ToOutRegister64(ins));
else
masm.wasmLoad(mir->access(), srcAddr, ToAnyRegister(ins->output()));
}
void
CodeGeneratorX64::visitWasmLoad(LWasmLoad* ins)
{
Reported by FlawFinder.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Platform/posix.py
27 issues
Line: 35
Column: 1
__revision__ = "src/engine/SCons/Platform/posix.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import errno
import os
import os.path
import subprocess
import sys
import select
Reported by Pylint.
Line: 36
Column: 1
__revision__ = "src/engine/SCons/Platform/posix.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import errno
import os
import os.path
import subprocess
import sys
import select
Reported by Pylint.
Line: 37
Column: 1
import errno
import os
import os.path
import subprocess
import sys
import select
import SCons.Util
Reported by Pylint.
Line: 39
Column: 1
import os
import os.path
import subprocess
import sys
import select
import SCons.Util
from SCons.Platform import TempFileMunge
from SCons.Platform.virtualenv import ImportVirtualenv
Reported by Pylint.
Line: 40
Column: 1
import os.path
import subprocess
import sys
import select
import SCons.Util
from SCons.Platform import TempFileMunge
from SCons.Platform.virtualenv import ImportVirtualenv
from SCons.Platform.virtualenv import ignore_virtualenv, enable_virtualenv
Reported by Pylint.
Line: 42
Column: 1
import sys
import select
import SCons.Util
from SCons.Platform import TempFileMunge
from SCons.Platform.virtualenv import ImportVirtualenv
from SCons.Platform.virtualenv import ignore_virtualenv, enable_virtualenv
exitvalmap = {
Reported by Pylint.
Line: 69
Column: 26
proc = subprocess.Popen(l, env = env, close_fds = True)
return proc.wait()
def subprocess_spawn(sh, escape, cmd, args, env):
return exec_subprocess([sh, '-c', ' '.join(args)], env)
def exec_popen3(l, env, stdout, stderr):
proc = subprocess.Popen(l, env = env, close_fds = True,
stdout = stdout,
Reported by Pylint.
Line: 69
Column: 34
proc = subprocess.Popen(l, env = env, close_fds = True)
return proc.wait()
def subprocess_spawn(sh, escape, cmd, args, env):
return exec_subprocess([sh, '-c', ' '.join(args)], env)
def exec_popen3(l, env, stdout, stderr):
proc = subprocess.Popen(l, env = env, close_fds = True,
stdout = stdout,
Reported by Pylint.
Line: 69
Column: 26
proc = subprocess.Popen(l, env = env, close_fds = True)
return proc.wait()
def subprocess_spawn(sh, escape, cmd, args, env):
return exec_subprocess([sh, '-c', ' '.join(args)], env)
def exec_popen3(l, env, stdout, stderr):
proc = subprocess.Popen(l, env = env, close_fds = True,
stdout = stdout,
Reported by Pylint.
Line: 78
Column: 33
stderr = stderr)
return proc.wait()
def piped_env_spawn(sh, escape, cmd, args, env, stdout, stderr):
# spawn using Popen3 combined with the env command
# the command name and the command's stdout is written to stdout
# the command's stderr is written to stderr
return exec_popen3([sh, '-c', ' '.join(args)],
env, stdout, stderr)
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_tiered02.py
27 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import os, wiredtiger, wtscenario, wttest
from wtdataset import SimpleDataSet
# test_tiered02.py
# Test tiered tree
class test_tiered02(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 42
Column: 5
bucket_prefix = "pfx_"
extension_name = "local_store"
def conn_config(self):
if not os.path.exists(self.bucket):
os.mkdir(self.bucket)
return \
'tiered_storage=(auth_token=%s,' % self.auth_token + \
'bucket=%s,' % self.bucket + \
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import os, wiredtiger, wtscenario, wttest
from wtdataset import SimpleDataSet
# test_tiered02.py
# Test tiered tree
class test_tiered02(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import os, wiredtiger, wtscenario, wttest
from wtdataset import SimpleDataSet
# test_tiered02.py
# Test tiered tree
class test_tiered02(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 84
Column: 9
self.assertGreater(len(got), self.flushed_objects)
else:
self.assertEqual(len(got), self.flushed_objects)
self.flushed_objects = len(got)
# Test tiered storage with the old prototype way of signaling flushing to the shared
# tier via checkpoints. When flush_tier is working, the checkpoint calls can be
# replaced with flush_tier.
def test_tiered(self):
Reported by Pylint.
Line: 90
Column: 9
# tier via checkpoints. When flush_tier is working, the checkpoint calls can be
# replaced with flush_tier.
def test_tiered(self):
self.flushed_objects = 0
args = 'key_format=S'
intl_page = 'internal_page_max=16K'
base_create = 'key_format=S,value_format=S,' + intl_page
self.pr("create sys")
Reported by Pylint.
Line: 94
Column: 9
args = 'key_format=S'
intl_page = 'internal_page_max=16K'
base_create = 'key_format=S,value_format=S,' + intl_page
self.pr("create sys")
#self.session.create(self.uri + 'xxx', base_create)
self.progress('Create simple data set (10)')
ds = SimpleDataSet(self, self.uri, 10, config=args)
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import os, wiredtiger, wtscenario, wttest
from wtdataset import SimpleDataSet
# test_tiered02.py
# Test tiered tree
class test_tiered02(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 34
Column: 1
# test_tiered02.py
# Test tiered tree
class test_tiered02(wttest.WiredTigerTestCase):
uri = "table:test_tiered02"
auth_token = "test_token"
bucket = "mybucket"
bucket_prefix = "pfx_"
Reported by Pylint.
src/third_party/variant-1.4.0/support/single-header.py
26 issues
Line: 20
Column: 3
processed = []
def process(header):
result = ''
with open(header, 'r') as f:
for line in f:
p = re.compile('^#include "(.+)"')
m = p.match(line)
if m is None:
Reported by Pylint.
Line: 1
Column: 1
#! /usr/bin/env python
# MPark.Variant
#
# Copyright Michael Park, 2017
#
# Distributed under the Boost Software License, Version 1.0.
# (See accompanying file LICENSE.md or copy at http://boost.org/LICENSE_1_0.txt)
Reported by Pylint.
Line: 1
Column: 1
#! /usr/bin/env python
# MPark.Variant
#
# Copyright Michael Park, 2017
#
# Distributed under the Boost Software License, Version 1.0.
# (See accompanying file LICENSE.md or copy at http://boost.org/LICENSE_1_0.txt)
Reported by Pylint.
Line: 12
Suggestion:
https://bandit.readthedocs.io/en/latest/blacklists/blacklist_imports.html#b404-import-subprocess
import os.path
import re
import subprocess
import sys
# Prints a single header version of `include/mpark/variant.hpp` to stdout.
processed = []
Reported by Bandit.
Line: 19
Column: 1
processed = []
def process(header):
result = ''
with open(header, 'r') as f:
for line in f:
p = re.compile('^#include "(.+)"')
m = p.match(line)
Reported by Pylint.
Line: 20
Column: 1
processed = []
def process(header):
result = ''
with open(header, 'r') as f:
for line in f:
p = re.compile('^#include "(.+)"')
m = p.match(line)
if m is None:
Reported by Pylint.
Line: 21
Column: 1
def process(header):
result = ''
with open(header, 'r') as f:
for line in f:
p = re.compile('^#include "(.+)"')
m = p.match(line)
if m is None:
result += line
Reported by Pylint.
Line: 21
Column: 29
def process(header):
result = ''
with open(header, 'r') as f:
for line in f:
p = re.compile('^#include "(.+)"')
m = p.match(line)
if m is None:
result += line
Reported by Pylint.
Line: 22
Column: 1
def process(header):
result = ''
with open(header, 'r') as f:
for line in f:
p = re.compile('^#include "(.+)"')
m = p.match(line)
if m is None:
result += line
else:
Reported by Pylint.
Line: 23
Column: 7
result = ''
with open(header, 'r') as f:
for line in f:
p = re.compile('^#include "(.+)"')
m = p.match(line)
if m is None:
result += line
else:
g = m.group(1)
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_txn02.py
26 issues
Line: 102
Column: 5
return
print(msg)
def conn_config(self):
# Cycle through the different transaction_sync values in a
# deterministic manner.
txn_sync = self.sync_list[
self.scenario_number % len(self.sync_list)]
#
Reported by Pylint.
Line: 33
Column: 1
# Transactions: commits and rollbacks
#
import fnmatch, os, shutil, time
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
import wttest
class test_txn02(wttest.WiredTigerTestCase, suite_subprocess):
Reported by Pylint.
Line: 168
Column: 9
#
# Cycle through the different archive values in a
# deterministic manner.
self.archive = self.archive_list[
self.scenario_number % len(self.archive_list)]
backup_conn_params = \
'log=(enabled,file_max=%s,archive=%s)' % (self.logmax, self.archive)
orig_logs = fnmatch.filter(os.listdir(self.backup_dir), "*gerLog*")
endcount = 2
Reported by Pylint.
Line: 179
Column: 17
backup_conn = self.wiredtiger_open(self.backup_dir,
backup_conn_params)
try:
session = backup_conn.open_session()
finally:
self.check(backup_conn.open_session(), None, committed)
# Sleep long enough so that the archive thread is guaranteed
# to run before we close the connection.
time.sleep(1.0)
Reported by Pylint.
Line: 208
Column: 9
self.assertEqual(cur_logs, pr_logs)
def test_ops(self):
self.backup_dir = os.path.join(self.home, "WT_BACKUP")
self.session2 = self.conn.open_session()
self.debug("Creating %s with config '%s'" % (self.uri, self.create_params))
self.session.create(self.uri, self.create_params)
# Set up the table with entries for 1, 2, 10 and 11.
# We use the overwrite config so insert can update as needed.
Reported by Pylint.
Line: 209
Column: 9
def test_ops(self):
self.backup_dir = os.path.join(self.home, "WT_BACKUP")
self.session2 = self.conn.open_session()
self.debug("Creating %s with config '%s'" % (self.uri, self.create_params))
self.session.create(self.uri, self.create_params)
# Set up the table with entries for 1, 2, 10 and 11.
# We use the overwrite config so insert can update as needed.
c = self.session.open_cursor(self.uri, None, 'overwrite')
Reported by Pylint.
Line: 231
Column: 17
# Close and reopen the connection and cursor.
if reopen == 'reopen':
self.reopen_conn()
self.session2 = self.conn.open_session()
c = self.session.open_cursor(self.uri, None, 'overwrite')
self.session.begin_transaction(
(self.scenario_number % 2) and 'sync' or None)
# Test multiple operations per transaction by always
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 33
Column: 1
# Transactions: commits and rollbacks
#
import fnmatch, os, shutil, time
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
import wttest
class test_txn02(wttest.WiredTigerTestCase, suite_subprocess):
Reported by Pylint.
Line: 38
Column: 1
from wtscenario import make_scenarios
import wttest
class test_txn02(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn02'
uri = 'table:' + tablename
archive_list = ['true', 'false']
conn_list = ['reopen', 'stay_open']
Reported by Pylint.
src/third_party/boost/boost/iostreams/device/mapped_file.hpp
26 issues
Line: 192
Column: 10
CWE codes:
362
//--------------Stream interface------------------------------------------//
template<typename Path>
void open(const basic_mapped_file_params<Path>& p);
template<typename Path>
void open( const Path& path,
size_type length = max_length,
boost::intmax_t offset = 0 );
Reported by FlawFinder.
Line: 195
Column: 10
CWE codes:
362
void open(const basic_mapped_file_params<Path>& p);
template<typename Path>
void open( const Path& path,
size_type length = max_length,
boost::intmax_t offset = 0 );
bool is_open() const;
void close();
Reported by FlawFinder.
Line: 281
Column: 10
CWE codes:
362
// open overload taking a parameters object
template<typename Path>
void open(const basic_mapped_file_params<Path>& p);
// open overload taking a list of parameters
template<typename Path>
void open( const Path& path,
mapmode mode,
Reported by FlawFinder.
Line: 285
Column: 10
CWE codes:
362
// open overload taking a list of parameters
template<typename Path>
void open( const Path& path,
mapmode mode,
size_type length = max_length,
stream_offset offset = 0 );
// open overload taking a list of parameters, including a
Reported by FlawFinder.
Line: 293
Column: 10
CWE codes:
362
// open overload taking a list of parameters, including a
// std::ios_base::openmode (deprecated)
template<typename Path>
void open( const Path& path,
BOOST_IOS::openmode mode =
BOOST_IOS::in | BOOST_IOS::out,
size_type length = max_length,
stream_offset offset = 0 );
Reported by FlawFinder.
Line: 377
Column: 10
CWE codes:
362
// open overload taking a parameters object
template<typename Path>
void open(const basic_mapped_file_params<Path>& p);
// open overload taking a list of parameters
template<typename Path>
void open( const Path& path,
size_type length = max_length,
Reported by FlawFinder.
Line: 381
Column: 10
CWE codes:
362
// open overload taking a list of parameters
template<typename Path>
void open( const Path& path,
size_type length = max_length,
boost::intmax_t offset = 0,
mapmode flags = readwrite );
};
Reported by FlawFinder.
Line: 391
Column: 11
CWE codes:
362
template<typename Path>
mapped_file_source::mapped_file_source(const basic_mapped_file_params<Path>& p)
{ init(); open(p); }
template<typename Path>
mapped_file_source::mapped_file_source(
const Path& path, size_type length, boost::intmax_t offset)
{ init(); open(path, length, offset); }
Reported by FlawFinder.
Line: 396
Column: 11
CWE codes:
362
template<typename Path>
mapped_file_source::mapped_file_source(
const Path& path, size_type length, boost::intmax_t offset)
{ init(); open(path, length, offset); }
template<typename Path>
void mapped_file_source::open(const basic_mapped_file_params<Path>& p)
{
param_type params(p);
Reported by FlawFinder.
Line: 399
Column: 26
CWE codes:
362
{ init(); open(path, length, offset); }
template<typename Path>
void mapped_file_source::open(const basic_mapped_file_params<Path>& p)
{
param_type params(p);
if (params.flags) {
if (params.flags != mapped_file::readonly)
boost::throw_exception(BOOST_IOSTREAMS_FAILURE("invalid flags"));
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_txn01.py
26 issues
Line: 33
Column: 1
# transactions
# [END_TAGS]
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_txn01.py
# Transactions: basic functionality
class test_txn01(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 33
Column: 1
# transactions
# [END_TAGS]
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_txn01.py
# Transactions: basic functionality
class test_txn01(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 54
Column: 13
count = 0
# Column-store appends result in phantoms, ignore records unless they
# have our flag value.
for r in cursor:
if self.value_format == 'S' or cursor.get_value() == 0xab:
count += 1
return count
# Checkpoint the database and assert the number of records visible to the
Reported by Pylint.
Line: 145
Column: 13
# Return the number of records visible to the cursor.
def cursor_count(self, cursor):
count = 0
for r in cursor:
count += 1
return count
def test_read_committed_default(self):
self.session.create(self.uri, 'key_format=S,value_format=S')
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 33
Column: 1
# transactions
# [END_TAGS]
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_txn01.py
# Transactions: basic functionality
class test_txn01(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 38
Column: 1
# test_txn01.py
# Transactions: basic functionality
class test_txn01(wttest.WiredTigerTestCase):
nentries = 1000
scenarios = make_scenarios([
('col-f', dict(uri='file:text_txn01',key_format='r',value_format='S')),
('col-t', dict(uri='table:text_txn01',key_format='r',value_format='S')),
('fix-f', dict(uri='file:text_txn01',key_format='r',value_format='8t')),
Reported by Pylint.
Line: 38
Column: 1
# test_txn01.py
# Transactions: basic functionality
class test_txn01(wttest.WiredTigerTestCase):
nentries = 1000
scenarios = make_scenarios([
('col-f', dict(uri='file:text_txn01',key_format='r',value_format='S')),
('col-t', dict(uri='table:text_txn01',key_format='r',value_format='S')),
('fix-f', dict(uri='file:text_txn01',key_format='r',value_format='8t')),
Reported by Pylint.
Line: 50
Column: 5
])
# Return the number of records visible to the cursor.
def cursor_count(self, cursor):
count = 0
# Column-store appends result in phantoms, ignore records unless they
# have our flag value.
for r in cursor:
if self.value_format == 'S' or cursor.get_value() == 0xab:
Reported by Pylint.
Line: 54
Column: 13
count = 0
# Column-store appends result in phantoms, ignore records unless they
# have our flag value.
for r in cursor:
if self.value_format == 'S' or cursor.get_value() == 0xab:
count += 1
return count
# Checkpoint the database and assert the number of records visible to the
Reported by Pylint.
src/third_party/boost/boost/interprocess/detail/win32_api.hpp
26 issues
Line: 788
Column: 26
CWE codes:
732
{
if(!boost::winapi::InitializeSecurityDescriptor(&sd, security_descriptor_revision))
return;
if(!boost::winapi::SetSecurityDescriptorDacl(&sd, true, 0, false))
return;
sa.lpSecurityDescriptor = &sd;
sa.nLength = sizeof(interprocess_security_attributes);
sa.bInheritHandle = false;
initialized = true;
Reported by FlawFinder.
Line: 788
Column: 26
CWE codes:
732
{
if(!boost::winapi::InitializeSecurityDescriptor(&sd, security_descriptor_revision))
return;
if(!boost::winapi::SetSecurityDescriptorDacl(&sd, true, 0, false))
return;
sa.lpSecurityDescriptor = &sd;
sa.nLength = sizeof(interprocess_security_attributes);
sa.bInheritHandle = false;
initialized = true;
Reported by FlawFinder.
Line: 800
Column: 65
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
{ return &sa; }
};
inline void * create_file_mapping (void * handle, unsigned long access, ::boost::ulong_long_type file_offset, const char * name, interprocess_security_attributes *psec)
{
const boost::winapi::DWORD_ high_size(file_offset >> 32), low_size((boost::winapi::DWORD_)file_offset);
return CreateFileMappingA (handle, psec, access, high_size, low_size, name);
}
Reported by FlawFinder.
Line: 803
Column: 45
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
inline void * create_file_mapping (void * handle, unsigned long access, ::boost::ulong_long_type file_offset, const char * name, interprocess_security_attributes *psec)
{
const boost::winapi::DWORD_ high_size(file_offset >> 32), low_size((boost::winapi::DWORD_)file_offset);
return CreateFileMappingA (handle, psec, access, high_size, low_size, name);
}
inline void * create_file_mapping (void * handle, unsigned long access, ::boost::ulong_long_type file_offset, const wchar_t * name, interprocess_security_attributes *psec)
{
const boost::winapi::DWORD_ high_size(file_offset >> 32), low_size((boost::winapi::DWORD_)file_offset);
Reported by FlawFinder.
Line: 806
Column: 65
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return CreateFileMappingA (handle, psec, access, high_size, low_size, name);
}
inline void * create_file_mapping (void * handle, unsigned long access, ::boost::ulong_long_type file_offset, const wchar_t * name, interprocess_security_attributes *psec)
{
const boost::winapi::DWORD_ high_size(file_offset >> 32), low_size((boost::winapi::DWORD_)file_offset);
return CreateFileMappingW (handle, psec, access, high_size, low_size, name);
}
Reported by FlawFinder.
Line: 809
Column: 45
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
inline void * create_file_mapping (void * handle, unsigned long access, ::boost::ulong_long_type file_offset, const wchar_t * name, interprocess_security_attributes *psec)
{
const boost::winapi::DWORD_ high_size(file_offset >> 32), low_size((boost::winapi::DWORD_)file_offset);
return CreateFileMappingW (handle, psec, access, high_size, low_size, name);
}
inline void * open_file_mapping (unsigned long access, const char *name)
{ return OpenFileMappingA (access, 0, name); }
Reported by FlawFinder.
Line: 812
Column: 48
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
return CreateFileMappingW (handle, psec, access, high_size, low_size, name);
}
inline void * open_file_mapping (unsigned long access, const char *name)
{ return OpenFileMappingA (access, 0, name); }
inline void * open_file_mapping (unsigned long access, const wchar_t *name)
{ return OpenFileMappingW (access, 0, name); }
Reported by FlawFinder.
Line: 813
Column: 29
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
}
inline void * open_file_mapping (unsigned long access, const char *name)
{ return OpenFileMappingA (access, 0, name); }
inline void * open_file_mapping (unsigned long access, const wchar_t *name)
{ return OpenFileMappingW (access, 0, name); }
inline void *map_view_of_file_ex(void *handle, unsigned long file_access, ::boost::ulong_long_type offset, std::size_t numbytes, void *base_addr)
Reported by FlawFinder.
Line: 815
Column: 48
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
inline void * open_file_mapping (unsigned long access, const char *name)
{ return OpenFileMappingA (access, 0, name); }
inline void * open_file_mapping (unsigned long access, const wchar_t *name)
{ return OpenFileMappingW (access, 0, name); }
inline void *map_view_of_file_ex(void *handle, unsigned long file_access, ::boost::ulong_long_type offset, std::size_t numbytes, void *base_addr)
{
const unsigned long offset_low = (unsigned long)(offset & ((::boost::ulong_long_type)0xFFFFFFFF));
Reported by FlawFinder.
Line: 816
Column: 29
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
{ return OpenFileMappingA (access, 0, name); }
inline void * open_file_mapping (unsigned long access, const wchar_t *name)
{ return OpenFileMappingW (access, 0, name); }
inline void *map_view_of_file_ex(void *handle, unsigned long file_access, ::boost::ulong_long_type offset, std::size_t numbytes, void *base_addr)
{
const unsigned long offset_low = (unsigned long)(offset & ((::boost::ulong_long_type)0xFFFFFFFF));
const unsigned long offset_high = offset >> 32;
Reported by FlawFinder.
src/third_party/boost/boost/date_time/gregorian/gregorian_io.hpp
26 issues
Line: 99
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// if the user wants exceptions on failbit, we'll rethrow our
// date_time exception & set the failbit
if(std::ios_base::failbit & exception_mask) {
try { is.setstate(std::ios_base::failbit); }
catch(std::ios_base::failure&) {} // ignore this one
throw; // rethrow original exception
}
else {
// if the user want's to fail quietly, we simply set the failbit
Reported by FlawFinder.
Line: 105
Column: 14
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
}
else {
// if the user want's to fail quietly, we simply set the failbit
is.setstate(std::ios_base::failbit);
}
}
}
return is;
Reported by FlawFinder.
Line: 157
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
catch(...) {
std::ios_base::iostate exception_mask = is.exceptions();
if(std::ios_base::failbit & exception_mask) {
try { is.setstate(std::ios_base::failbit); }
catch(std::ios_base::failure&) {}
throw; // rethrow original exception
}
else {
is.setstate(std::ios_base::failbit);
Reported by FlawFinder.
Line: 162
Column: 14
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
throw; // rethrow original exception
}
else {
is.setstate(std::ios_base::failbit);
}
}
}
return is;
Reported by FlawFinder.
Line: 221
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
catch(...) {
std::ios_base::iostate exception_mask = is.exceptions();
if(std::ios_base::failbit & exception_mask) {
try { is.setstate(std::ios_base::failbit); }
catch(std::ios_base::failure&) {}
throw; // rethrow original exception
}
else {
is.setstate(std::ios_base::failbit);
Reported by FlawFinder.
Line: 226
Column: 14
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
throw; // rethrow original exception
}
else {
is.setstate(std::ios_base::failbit);
}
}
}
return is;
Reported by FlawFinder.
Line: 280
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
catch(...) {
std::ios_base::iostate exception_mask = is.exceptions();
if(std::ios_base::failbit & exception_mask) {
try { is.setstate(std::ios_base::failbit); }
catch(std::ios_base::failure&) {}
throw; // rethrow original exception
}
else {
is.setstate(std::ios_base::failbit);
Reported by FlawFinder.
Line: 285
Column: 14
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
throw; // rethrow original exception
}
else {
is.setstate(std::ios_base::failbit);
}
}
}
return is;
Reported by FlawFinder.
Line: 337
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
catch(...) {
std::ios_base::iostate exception_mask = is.exceptions();
if(std::ios_base::failbit & exception_mask) {
try { is.setstate(std::ios_base::failbit); }
catch(std::ios_base::failure&) {}
throw; // rethrow original exception
}
else {
is.setstate(std::ios_base::failbit);
Reported by FlawFinder.
Line: 342
Column: 14
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
throw; // rethrow original exception
}
else {
is.setstate(std::ios_base::failbit);
}
}
}
return is;
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_schema08.py
26 issues
Line: 31
Column: 1
import fnmatch, os, shutil, sys
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_schema08.py
# Test schema operations on recovery.
# Test all schema operations alter, create, drop, rename.
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import fnmatch, os, shutil, sys
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_schema08.py
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import fnmatch, os, shutil, sys
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_schema08.py
Reported by Pylint.
Line: 31
Column: 1
import fnmatch, os, shutil, sys
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_schema08.py
# Test schema operations on recovery.
# Test all schema operations alter, create, drop, rename.
Reported by Pylint.
Line: 138
Column: 28
f.close()
# print "New size " + logf + ": " + str(os.path.getsize(logf))
def run_recovery(self, uri, suburi):
# With the connection still open, copy files to the new directory.
# Make an initial copy as well as a copy for each LSN we save.
# Truncate the log to the appropriate offset as we make each copy.
olddir = "."
errfile="errfile.txt"
Reported by Pylint.
Line: 138
Column: 33
f.close()
# print "New size " + logf + ": " + str(os.path.getsize(logf))
def run_recovery(self, uri, suburi):
# With the connection still open, copy files to the new directory.
# Make an initial copy as well as a copy for each LSN we save.
# Truncate the log to the appropriate offset as we make each copy.
olddir = "."
errfile="errfile.txt"
Reported by Pylint.
Line: 142
Column: 9
# With the connection still open, copy files to the new directory.
# Make an initial copy as well as a copy for each LSN we save.
# Truncate the log to the appropriate offset as we make each copy.
olddir = "."
errfile="errfile.txt"
for lsn in self.lsns:
newdir = self.backup_pfx + str(lsn)
outfile = newdir + '.txt'
self.runWt(['-R', '-h', newdir, 'list', '-v'], errfilename=errfile, outfilename=outfile)
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import fnmatch, os, shutil, sys
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_schema08.py
Reported by Pylint.
Line: 31
Column: 1
import fnmatch, os, shutil, sys
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_schema08.py
# Test schema operations on recovery.
# Test all schema operations alter, create, drop, rename.
Reported by Pylint.