The following issues were found
src/mongo/util/tcmalloc_server_status_section.cpp
1 issues
Line: 167
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
#endif
char buffer[4096];
MallocExtension::instance()->GetStats(buffer, sizeof buffer);
builder.append("formattedString", buffer);
}
return builder.obj();
Reported by FlawFinder.
src/mongo/util/testing_options.cpp
1 issues
Line: 51
// Initialize testing diagnostics only if it has not been already initialized, or it must be
// enabled by the initializer (i.e., "testingDiagnosticsEnabled=true"). This ensures testing
// diagnostics cannot be set beyond this point.
if (!TestingProctor::instance().isInitialized() || gTestingDiagnosticsEnabledAtStartup) {
TestingProctor::instance().setEnabled(gTestingDiagnosticsEnabledAtStartup);
}
if (TestingProctor::instance().isEnabled()) {
LOGV2_OPTIONS(4672602,
Reported by Cppcheck.
src/mongo/util/testing_proctor.cpp
1 issues
Line: 83
* especially for those executables that never call into `setEnabled()` (e.g., the mongo shell).
*/
MONGO_INITIALIZER(DisableTestingDiagnosticsByDefault)(InitializerContext*) {
if (!TestingProctor::instance().isInitialized()) {
TestingProctor::instance().setEnabled(false);
}
}
} // namespace
Reported by Cppcheck.
src/mongo/util/thread_context_test.cpp
1 issues
Line: 142
boost::optional<unittest::ThreadAssertionMonitor> _monitor;
};
TEST_F(ThreadContextTest, HasLocalThreadContext) {
auto context = getThreadContext();
// Since this is the local thread, there should be no difference since the start of the test.
ASSERT_EQ(gCounters.get(), Counters(0, 0, 0));
}
Reported by Cppcheck.
src/mongo/util/thread_safe_string.h
1 issues
Line: 65
Column: 9
CWE codes:
120
size_t s = str.size();
if (s >= _size - 2)
s = _size - 2;
strncpy(_buf, str.rawData(), s);
_buf[s] = '\0';
return *this;
}
bool empty() const {
Reported by FlawFinder.
src/mongo/util/thread_safety_context_test.cpp
1 issues
Line: 59
}
};
TEST_F(ThreadSafetyContextTest, CreateThreadsWithNoSafetyContext) {
constexpr auto threadCount = 16;
std::vector<stdx::thread> threads;
for (auto i = 0; i < threadCount; i++) {
threads.emplace_back([] { sleepFor(Milliseconds(10)); });
Reported by Cppcheck.
src/mongo/util/time_support_test.cpp
1 issues
Line: 61
// name: _putenv. See online help for details.
#pragma warning(disable : 4996)
MONGO_INITIALIZER(SetTimeZoneToEasternForTest)(InitializerContext*) {
if (-1 == putenv(tzEnvString)) {
uasserted(ErrorCodes::BadValue, errnoWithDescription());
}
tzset();
}
#pragma warning(pop)
Reported by Cppcheck.
src/mongo/util/unique_function_test.cpp
1 issues
Line: 93
template <int channel>
bool RunDetection<channel>::itRan = false;
TEST(UniqueFunctionTest, construct_simple_unique_function_from_lambda) {
// Implicit construction
{
RunDetection<0> runDetection;
mongo::unique_function<void()> uf = [] { RunDetection<0>::itRan = true; };
Reported by Cppcheck.
src/mongo/util/uuid.h
1 issues
Line: 85
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static UUID fromCDR(ConstDataRange cdr) {
UUID uuid{UUIDStorage{}};
invariant(cdr.length() == uuid._uuid.size());
memcpy(uuid._uuid.data(), cdr.data(), uuid._uuid.size());
return uuid;
}
/**
* Returns whether this string represents a valid UUID.
Reported by FlawFinder.
src/mongo/util/version.cpp
1 issues
Line: 149
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Collect macOS specific detail about the running version.
void appendMacOSInfo(BSONObjBuilder* builder) {
BSONObjBuilder macOS(builder->subobjStart("macOS"));
char buffer[2048];
for (const auto& item : kMacOSInfoMap) {
std::size_t buffer_len = sizeof(buffer) - 1;
if ((sysctlbyname(item.first.c_str(), buffer, &buffer_len, nullptr, 0) == 0) &&
(buffer_len > 1)) {
Reported by FlawFinder.