Codekhana

src/third_party/asio-master/asio/include/asio/detail/descriptor_ops.hpp

1 issues

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?

Security

Line: 62 Column: 15 CWE codes: 362

                return return_value;
}

ASIO_DECL int open(const char* path, int flags,
    asio::error_code& ec);

ASIO_DECL int close(int d, state_type& state,
    asio::error_code& ec);

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/detail/null_socket_service.hpp

1 issues

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?

Security

Line: 94 Column: 20 CWE codes: 362

                }

  // Open a new socket implementation.
  asio::error_code open(implementation_type&,
      const protocol_type&, asio::error_code& ec)
  {
    ec = asio::error::operation_not_supported;
    return ec;
  }

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/detail/reactive_serial_port_service.hpp

1 issues

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?

Security

Line: 82 Column: 30 CWE codes: 362

                }

  // Open the serial port using the specified device name.
  ASIO_DECL asio::error_code open(implementation_type& impl,
      const std::string& device, asio::error_code& ec);

  // Assign a native descriptor to a serial port implementation.
  asio::error_code assign(implementation_type& impl,
      const native_handle_type& native_descriptor,

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/detail/reactive_socket_service.hpp

1 issues

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?

Security

Line: 123 Column: 20 CWE codes: 362

                }

  // Open a new socket implementation.
  asio::error_code open(implementation_type& impl,
      const protocol_type& protocol, asio::error_code& ec)
  {
    if (!do_open(impl, protocol.family(),
          protocol.type(), protocol.protocol(), ec))
      impl.protocol_ = protocol;

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/detail/win_iocp_serial_port_service.hpp

1 issues

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?

Security

Line: 80 Column: 30 CWE codes: 362

                }

  // Open the serial port using the specified device name.
  ASIO_DECL asio::error_code open(implementation_type& impl,
      const std::string& device, asio::error_code& ec);

  // Assign a native handle to a serial port implementation.
  asio::error_code assign(implementation_type& impl,
      const native_handle_type& handle, asio::error_code& ec)

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/detail/win_iocp_socket_service.hpp

1 issues

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?

Security

Line: 197 Column: 20 CWE codes: 362

                }

  // Open a new socket implementation.
  asio::error_code open(implementation_type& impl,
      const protocol_type& protocol, asio::error_code& ec)
  {
    if (!do_open(impl, protocol.family(),
          protocol.type(), protocol.protocol(), ec))
    {

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/detail/winrt_ssocket_service.hpp

1 issues

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?

Security

Line: 111 Column: 20 CWE codes: 362

                }

  // Open a new socket implementation.
  asio::error_code open(implementation_type& impl,
      const protocol_type& protocol, asio::error_code& ec)
  {
    if (is_open(impl))
    {
      ec = asio::error::already_open;

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/ip/impl/network_v4.hpp

1 issues

setstate - This function is not sufficiently random for security-related functions such as key and nonce creation

Security

Line: 39 Column: 10 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values

                  if (os.exceptions() & std::basic_ostream<Elem, Traits>::failbit)
      asio::detail::throw_error(ec);
    else
      os.setstate(std::basic_ostream<Elem, Traits>::failbit);
  }
  else
    for (std::string::iterator i = s.begin(); i != s.end(); ++i)
      os << os.widen(*i);
  return os;

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/ip/impl/network_v6.hpp

1 issues

setstate - This function is not sufficiently random for security-related functions such as key and nonce creation

Security

Line: 38 Column: 10 CWE codes: 327
Suggestion: Use a more secure technique for acquiring random values

                  if (os.exceptions() & std::basic_ostream<Elem, Traits>::failbit)
      asio::detail::throw_error(ec);
    else
      os.setstate(std::basic_ostream<Elem, Traits>::failbit);
  }
  else
    for (std::string::iterator i = s.begin(); i != s.end(); ++i)
      os << os.widen(*i);
  return os;

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/is_read_buffered.hpp

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 34 Column: 36 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              template <typename Stream>
char is_read_buffered_helper(buffered_read_stream<Stream>* s);

struct is_read_buffered_big_type { char data[10]; };
is_read_buffered_big_type is_read_buffered_helper(...);

} // namespace detail

/// The is_read_buffered class is a traits class that may be used to determine

Reported by FlawFinder.

Modal title

The following issues were found

src/third_party/asio-master/asio/include/asio/detail/descriptor_ops.hpp

1 issues

src/third_party/asio-master/asio/include/asio/detail/null_socket_service.hpp

1 issues

src/third_party/asio-master/asio/include/asio/detail/reactive_serial_port_service.hpp

1 issues

src/third_party/asio-master/asio/include/asio/detail/reactive_socket_service.hpp

1 issues

src/third_party/asio-master/asio/include/asio/detail/win_iocp_serial_port_service.hpp

1 issues

src/third_party/asio-master/asio/include/asio/detail/win_iocp_socket_service.hpp

1 issues

src/third_party/asio-master/asio/include/asio/detail/winrt_ssocket_service.hpp

1 issues

src/third_party/asio-master/asio/include/asio/ip/impl/network_v4.hpp

1 issues

src/third_party/asio-master/asio/include/asio/ip/impl/network_v6.hpp

1 issues

src/third_party/asio-master/asio/include/asio/is_read_buffered.hpp

1 issues