Codekhana

src/third_party/asio-master/asio/include/asio/is_write_buffered.hpp

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 34 Column: 37 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

              template <typename Stream>
char is_write_buffered_helper(buffered_write_stream<Stream>* s);

struct is_write_buffered_big_type { char data[10]; };
is_write_buffered_big_type is_write_buffered_helper(...);

} // namespace detail

/// The is_write_buffered class is a traits class that may be used to determine

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/ssl/detail/engine.hpp

1 issues

read - Check buffer boundaries if used in a loop including recursive loops

Security

Line: 92 Column: 18 CWE codes: 120 20

                    asio::error_code& ec, std::size_t& bytes_transferred);

  // Read bytes from the SSL session.
  ASIO_DECL want read(const asio::mutable_buffer& data,
      asio::error_code& ec, std::size_t& bytes_transferred);

  // Get output data to be written to the transport.
  ASIO_DECL asio::mutable_buffer get_output(
      const asio::mutable_buffer& data);

Reported by FlawFinder.

src/third_party/asio-master/asio/include/asio/ssl/detail/read_op.hpp

1 issues

read - Check buffer boundaries if used in a loop including recursive loops

Security

Line: 46 Column: 16 CWE codes: 120 20

                    asio::detail::buffer_sequence_adapter<asio::mutable_buffer,
        MutableBufferSequence>::first(buffers_);

    return eng.read(buffer, ec, bytes_transferred);
  }

  template <typename Handler>
  void call_handler(Handler& handler,
      const asio::error_code& ec,

Reported by FlawFinder.

src/third_party/benchmark/dist/src/benchmark.cc

1 issues

open - Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?

Security

Line: 378 Column: 17 CWE codes: 362

                  std::exit(1);
  }
  if (!fname.empty()) {
    output_file.open(fname);
    if (!output_file.is_open()) {
      Err << "invalid file name: '" << fname << std::endl;
      std::exit(1);
    }
    if (!file_reporter) {

Reported by FlawFinder.

src/third_party/benchmark/dist/src/benchmark_register.cc

1 issues

Returning/dereferencing 'bench' after it is deallocated / released

Error

Line: 246 CWE codes: 672

                std::unique_ptr<Benchmark> bench_ptr(bench);
  BenchmarkFamilies* families = BenchmarkFamilies::GetInstance();
  families->AddBenchmark(std::move(bench_ptr));
  return bench;
}

// FIXME: This function is a hack so that benchmark.cc can access
// `BenchmarkFamilies`
bool FindBenchmarksInternal(const std::string& re,

Reported by Cppcheck.

src/third_party/benchmark/dist/src/console_reporter.cc

1 issues

strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)

Security

Line: 163 Column: 56 CWE codes: 126

                  if (c.second.flags & Counter::kIsRate)
      unit = (c.second.flags & Counter::kInvert) ? "s" : "/s";
    if (output_options_ & OO_Tabular) {
      printer(Out, COLOR_DEFAULT, " %*s%s", cNameLen - strlen(unit), s.c_str(),
              unit);
    } else {
      printer(Out, COLOR_DEFAULT, " %s=%s%s", c.first.c_str(), s.c_str(), unit);
    }
  }

Reported by FlawFinder.

src/third_party/boost/boost/algorithm/hex.hpp

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 62 Column: 9 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                  template <typename T, typename OutputIterator>
    OutputIterator encode_one ( T val, OutputIterator out, const char * hexDigits ) {
        const std::size_t num_hex_digits =  2 * sizeof ( T );
        char res [ num_hex_digits ];
        char  *p = res + num_hex_digits;
        for ( std::size_t i = 0; i < num_hex_digits; ++i, val >>= 4 )
            *--p = hexDigits [ val & 0x0F ];
        return std::copy ( res, res + num_hex_digits, out );
        }

Reported by FlawFinder.

src/third_party/boost/boost/align/detail/aligned_alloc_android.hpp

1 issues

memalign - On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct

Security

Line: 22 Column: 14 CWE codes: 676
Suggestion: Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient

              aligned_alloc(std::size_t alignment, std::size_t size) BOOST_NOEXCEPT
{
    BOOST_ASSERT(detail::is_alignment(alignment));
    return ::memalign(alignment, size);
}

inline void
aligned_free(void* ptr) BOOST_NOEXCEPT
{

Reported by FlawFinder.

src/third_party/boost/boost/align/detail/aligned_alloc_sunos.hpp

1 issues

memalign - On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct

Security

Line: 22 Column: 14 CWE codes: 676
Suggestion: Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient

              aligned_alloc(std::size_t alignment, std::size_t size) BOOST_NOEXCEPT
{
    BOOST_ASSERT(detail::is_alignment(alignment));
    return ::memalign(alignment, size);
}

inline void
aligned_free(void* ptr) BOOST_NOEXCEPT
{

Reported by FlawFinder.

src/third_party/boost/boost/archive/archive_exception.hpp

1 issues

char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues

Security

Line: 46 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                  public virtual std::exception
{
private:
    char m_buffer[128];
protected:
    BOOST_ARCHIVE_DECL unsigned int
    append(unsigned int l, const char * a);
    BOOST_ARCHIVE_DECL
    archive_exception() BOOST_NOEXCEPT;

Reported by FlawFinder.

Modal title

The following issues were found

src/third_party/asio-master/asio/include/asio/is_write_buffered.hpp

1 issues

src/third_party/asio-master/asio/include/asio/ssl/detail/engine.hpp

1 issues

src/third_party/asio-master/asio/include/asio/ssl/detail/read_op.hpp

1 issues

src/third_party/benchmark/dist/src/benchmark.cc

1 issues

src/third_party/benchmark/dist/src/benchmark_register.cc

1 issues

src/third_party/benchmark/dist/src/console_reporter.cc

1 issues

src/third_party/boost/boost/algorithm/hex.hpp

1 issues

src/third_party/boost/boost/align/detail/aligned_alloc_android.hpp

1 issues

src/third_party/boost/boost/align/detail/aligned_alloc_sunos.hpp

1 issues

src/third_party/boost/boost/archive/archive_exception.hpp

1 issues