The following issues were found
src/third_party/gperftools/dist/src/tests/heap-checker_unittest.cc
17 issues
Line: 686
CWE codes:
771
HeapLeakChecker::Disabler disabler;
AllocHidden(3 * sizeof(int));
TransLeaks();
(void)malloc(10); // Direct leak
}
// have different disabled leaks
static void* RunDisabledLeaks(void* a) {
ScopedDisabledLeaks();
Reported by Cppcheck.
Line: 892
Column: 15
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
*ptr = new(initialized) int[1];
}
set<int>* s2 = new(initialized) set<int>[1];
s1.insert(random());
s2->insert(*s1.begin());
user += *s2->begin();
**ptr += user;
if (random() % 51 == 0) {
s1.clear();
Reported by FlawFinder.
Line: 896
Column: 9
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
s2->insert(*s1.begin());
user += *s2->begin();
**ptr += user;
if (random() % 51 == 0) {
s1.clear();
if (random() % 2 == 0) {
s1.~Set();
new(&s1) Set;
}
Reported by FlawFinder.
Line: 898
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
**ptr += user;
if (random() % 51 == 0) {
s1.clear();
if (random() % 2 == 0) {
s1.~Set();
new(&s1) Set;
}
}
VLOG(3) << pthread_self() << " (" << getpid() << "): in wait: "
Reported by FlawFinder.
Line: 930
Column: 21
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
ptr = reinterpret_cast<int **>(
reinterpret_cast<uintptr_t>(ptr) ^ kHideMask);
} else {
poll(NULL, 0, random() % 100);
}
VLOG(2) << pthread_self() << ": continuing";
if (random() % 3 == 0) {
delete [] *ptr;
delete [] ptr;
Reported by FlawFinder.
Line: 933
Column: 9
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
poll(NULL, 0, random() % 100);
}
VLOG(2) << pthread_self() << ": continuing";
if (random() % 3 == 0) {
delete [] *ptr;
delete [] ptr;
ptr = NULL;
}
delete [] s2;
Reported by FlawFinder.
Line: 1024
Column: 16
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
template<class T>
struct Array {
Array() {
size = 3 + random() % 30;
ptr = new(initialized) T[size];
}
~Array() { delete [] ptr; }
Array(const Array& x) {
size = x.size;
Reported by FlawFinder.
Line: 1112
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
class ClassB {
public:
ClassB() { }
char b[7];
virtual void f() { }
virtual ~ClassB() { }
};
class ClassB2 {
Reported by FlawFinder.
Line: 1120
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
class ClassB2 {
public:
ClassB2() { }
char b2[11];
virtual void f2() { }
virtual ~ClassB2() { }
};
class ClassD1 : public ClassB {
Reported by FlawFinder.
Line: 1126
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
class ClassD1 : public ClassB {
char d1[15];
virtual void f() { }
};
class ClassD2 : public ClassB2 {
char d2[19];
Reported by FlawFinder.
jstests/client_encrypt/lib/kms_http_server_gcp.py
17 issues
Line: 23
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
kms_http_common.FAULT_OAUTH_CORRECT_FORMAT,
]
SECRET_PREFIX = "00SECRET"
FAKE_OAUTH_TOKEN = "omg_im_an_oauth_token"
URL_PATH_OAUTH_AUDIENCE = "/token"
URL_PATH_OAUTH_SCOPE = "/auth/cloudkms"
URL_PATH_MOCK_KEY = "/v1/projects/mock/locations/global/keyRings/mock-key-ring/cryptoKeys/mock-key"
Reported by Bandit.
Line: 24
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
]
SECRET_PREFIX = "00SECRET"
FAKE_OAUTH_TOKEN = "omg_im_an_oauth_token"
URL_PATH_OAUTH_AUDIENCE = "/token"
URL_PATH_OAUTH_SCOPE = "/auth/cloudkms"
URL_PATH_MOCK_KEY = "/v1/projects/mock/locations/global/keyRings/mock-key-ring/cryptoKeys/mock-key"
Reported by Bandit.
Line: 77
Column: 5
else:
self._send_reply(f"Unknown operation: {operation}".encode("utf-8"))
def _do_encrypt(self, raw_input):
request = json.loads(raw_input)
print(request)
plaintext = request["plaintext"]
Reported by Pylint.
Line: 87
Column: 1
ciphertext = SECRET_PREFIX.encode() + plaintext.encode()
ciphertext = base64.b64encode(ciphertext).decode()
if kms_http_common.fault_type and kms_http_common.fault_type.startswith(kms_http_common.FAULT_ENCRYPT) \
and not kms_http_common.disable_faults:
return self._do_encrypt_faults(ciphertext)
response = {
"ciphertext": ciphertext,
Reported by Pylint.
Line: 101
Column: 9
def _do_encrypt_faults(self, raw_ciphertext):
kms_http_common.stats.fault_calls += 1
if kms_http_common.fault_type == kms_http_common.FAULT_ENCRYPT:
self._send_reply("Internal Error of some sort.".encode(), http.HTTPStatus.INTERNAL_SERVER_ERROR)
return
elif kms_http_common.fault_type == kms_http_common.FAULT_ENCRYPT_CORRECT_FORMAT:
response = {
"error": {
Reported by Pylint.
Line: 102
Column: 1
kms_http_common.stats.fault_calls += 1
if kms_http_common.fault_type == kms_http_common.FAULT_ENCRYPT:
self._send_reply("Internal Error of some sort.".encode(), http.HTTPStatus.INTERNAL_SERVER_ERROR)
return
elif kms_http_common.fault_type == kms_http_common.FAULT_ENCRYPT_CORRECT_FORMAT:
response = {
"error": {
"code": 1337,
Reported by Pylint.
Line: 117
Column: 5
raise ValueError("Unknown Fault Type: " + kms_http_common.fault_type)
def _do_decrypt(self, raw_input):
request = json.loads(raw_input)
blob = base64.b64decode(request["ciphertext"]).decode()
print("FOUND SECRET: " + blob)
Reported by Pylint.
Line: 123
Column: 1
print("FOUND SECRET: " + blob)
# our "encrypted" values start with the word SECRET_PREFIX otherwise they did not come from us
if not blob.startswith(SECRET_PREFIX):
raise ValueError()
blob = blob[len(SECRET_PREFIX):]
Reported by Pylint.
Line: 129
Column: 1
blob = blob[len(SECRET_PREFIX):]
if kms_http_common.fault_type and kms_http_common.fault_type.startswith(kms_http_common.FAULT_DECRYPT) \
and not kms_http_common.disable_faults:
return self._do_decrypt_faults(blob)
response = {
"plaintext": blob,
Reported by Pylint.
Line: 142
Column: 9
def _do_decrypt_faults(self, blob):
kms_http_common.stats.fault_calls += 1
if kms_http_common.fault_type == kms_http_common.FAULT_DECRYPT:
self._send_reply("Internal Error of some sort.".encode(), http.HTTPStatus.INTERNAL_SERVER_ERROR)
return
elif kms_http_common.fault_type == kms_http_common.FAULT_DECRYPT_WRONG_KEY:
response = {
"plaintext": "ta7DXE7J0OiCRw03dYMJSeb8nVF5qxTmZ9zWmjuX4zW/SOorSCaY8VMTWG+cRInMx/rr/+QeVw2WjU2IpOSvMg==",
Reported by Pylint.
jstests/client_encrypt/lib/kms_http_server_azure.py
17 issues
Line: 23
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
kms_http_common.FAULT_OAUTH_CORRECT_FORMAT,
]
SECRET_PREFIX = "00SECRET"
FAKE_OAUTH_TOKEN = "omg_im_an_oauth_token"
URL_PATH_OAUTH_AUDIENCE = "/token"
URL_PATH_OAUTH_SCOPE = "/auth/cloudkms"
URL_PATH_MOCK_KEY = "/keys/my_key/"
Reported by Bandit.
Line: 24
Suggestion:
https://bandit.readthedocs.io/en/latest/plugins/b105_hardcoded_password_string.html
]
SECRET_PREFIX = "00SECRET"
FAKE_OAUTH_TOKEN = "omg_im_an_oauth_token"
URL_PATH_OAUTH_AUDIENCE = "/token"
URL_PATH_OAUTH_SCOPE = "/auth/cloudkms"
URL_PATH_MOCK_KEY = "/keys/my_key/"
Reported by Bandit.
Line: 76
Column: 5
else:
self._send_reply(f"Unknown operation: {operation}".encode("utf-8"))
def _do_encrypt(self, raw_input):
request = json.loads(raw_input)
print(request)
plaintext = request["value"]
Reported by Pylint.
Line: 86
Column: 1
ciphertext = SECRET_PREFIX.encode() + plaintext.encode()
ciphertext = base64.urlsafe_b64encode(ciphertext).decode()
if kms_http_common.fault_type and kms_http_common.fault_type.startswith(kms_http_common.FAULT_ENCRYPT) \
and not kms_http_common.disable_faults:
return self._do_encrypt_faults(ciphertext)
response = {
"value": ciphertext,
Reported by Pylint.
Line: 100
Column: 9
def _do_encrypt_faults(self, raw_ciphertext):
kms_http_common.stats.fault_calls += 1
if kms_http_common.fault_type == kms_http_common.FAULT_ENCRYPT:
self._send_reply("Internal Error of some sort.".encode(), http.HTTPStatus.INTERNAL_SERVER_ERROR)
return
elif kms_http_common.fault_type == kms_http_common.FAULT_ENCRYPT_CORRECT_FORMAT:
response = {
"error": {
Reported by Pylint.
Line: 101
Column: 1
kms_http_common.stats.fault_calls += 1
if kms_http_common.fault_type == kms_http_common.FAULT_ENCRYPT:
self._send_reply("Internal Error of some sort.".encode(), http.HTTPStatus.INTERNAL_SERVER_ERROR)
return
elif kms_http_common.fault_type == kms_http_common.FAULT_ENCRYPT_CORRECT_FORMAT:
response = {
"error": {
"code": "bad",
Reported by Pylint.
Line: 115
Column: 5
raise ValueError("Unknown Fault Type: " + kms_http_common.fault_type)
def _do_decrypt(self, raw_input):
request = json.loads(raw_input)
blob = base64.urlsafe_b64decode(request["value"]).decode()
print("FOUND SECRET: " + blob)
Reported by Pylint.
Line: 121
Column: 1
print("FOUND SECRET: " + blob)
# our "encrypted" values start with the word SECRET_PREFIX otherwise they did not come from us
if not blob.startswith(SECRET_PREFIX):
raise ValueError()
blob = blob[len(SECRET_PREFIX):]
Reported by Pylint.
Line: 127
Column: 1
blob = blob[len(SECRET_PREFIX):]
if kms_http_common.fault_type and kms_http_common.fault_type.startswith(kms_http_common.FAULT_DECRYPT) \
and not kms_http_common.disable_faults:
return self._do_decrypt_faults(blob)
response = {
"kid": "my_key",
Reported by Pylint.
Line: 141
Column: 9
def _do_decrypt_faults(self, blob):
kms_http_common.stats.fault_calls += 1
if kms_http_common.fault_type == kms_http_common.FAULT_DECRYPT:
self._send_reply("Internal Error of some sort.".encode(), http.HTTPStatus.INTERNAL_SERVER_ERROR)
return
elif kms_http_common.fault_type == kms_http_common.FAULT_DECRYPT_WRONG_KEY:
response = {
"kid": "my_key",
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_durable_ts03.py
17 issues
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_durable_ts03.py
# Check that the checkpoint honors the durable timestamp of updates.
class test_durable_ts03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_durable_ts03.py
# Check that the checkpoint honors the durable timestamp of updates.
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_durable_ts03.py
# Check that the checkpoint honors the durable timestamp of updates.
class test_durable_ts03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 86
Column: 13
# Check the checkpoint wrote only the durable updates.
cursor2 = self.session.open_cursor(
uri, None, 'checkpoint=WiredTigerCheckpoint')
for key, value in cursor2:
self.assertEqual(value, valueA)
self.assertEquals(cursor.reset(), 0)
session.begin_transaction('read_timestamp=' + self.timestamp_str(150))
for key, value in cursor:
Reported by Pylint.
Line: 89
Column: 9
for key, value in cursor2:
self.assertEqual(value, valueA)
self.assertEquals(cursor.reset(), 0)
session.begin_transaction('read_timestamp=' + self.timestamp_str(150))
for key, value in cursor:
self.assertEqual(value, valueA)
session.commit_transaction()
Reported by Pylint.
Line: 96
Column: 9
session.commit_transaction()
# Read the updated data to confirm that it is visible.
self.assertEquals(cursor.reset(), 0)
session.begin_transaction('read_timestamp=' + self.timestamp_str(210))
for key, value in cursor:
self.assertEqual(value, valueB)
session.commit_transaction()
Reported by Pylint.
Line: 114
Column: 9
for key, value in cursor:
self.assertEqual(value, valueA)
self.assertEquals(cursor.reset(), 0)
for i in range(1, nrows + 1):
session.begin_transaction()
cursor[i] = valueC
session.prepare_transaction('prepare_timestamp=' + self.timestamp_str(220))
session.timestamp_transaction('commit_timestamp=' + self.timestamp_str(230))
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_durable_ts03.py
# Check that the checkpoint honors the durable timestamp of updates.
class test_durable_ts03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtscenario import make_scenarios
# test_durable_ts03.py
# Check that the checkpoint honors the durable timestamp of updates.
class test_durable_ts03(wttest.WiredTigerTestCase):
Reported by Pylint.
src/third_party/wiredtiger/bench/workgen/runner/runner/__init__.py
17 issues
Line: 50
Column: 5
# Initialize the python path so needed modules can be imported.
# If the path already works, don't change it.
try:
import wiredtiger
except:
# We'll try hard to make the importing work, we'd like to runners
# to be executable directly without having to set environment variables.
sys.path.insert(0, os.path.join(wt_dir, 'lang', 'python'))
sys.path.insert(0, os.path.join(wt_builddir, 'lang', 'python'))
Reported by Pylint.
Line: 57
Column: 9
sys.path.insert(0, os.path.join(wt_dir, 'lang', 'python'))
sys.path.insert(0, os.path.join(wt_builddir, 'lang', 'python'))
try:
import wiredtiger
except:
# If the .libs directory is not in our library search path,
# we need to set it and retry. However, the dynamic link
# library has already cached its value, our only option is
# to restart the Python interpreter.
Reported by Pylint.
Line: 87
Column: 1
sys.path.insert(0, os.path.join(wt_builddir, 'bench', 'workgen'))
import workgen
from .core import txn, extensions_config, op_append, op_group_transaction, op_log_like, op_multi_table, op_populate_with_range, sleep, timed
from .latency import workload_latency
Reported by Pylint.
Line: 88
Column: 1
import workgen
from .core import txn, extensions_config, op_append, op_group_transaction, op_log_like, op_multi_table, op_populate_with_range, sleep, timed
from .latency import workload_latency
Reported by Pylint.
Line: 43
Column: 5
last = ''
try:
last = ':' + os.environ[pathvar]
except:
pass
os.environ[pathvar] = s + last
# Initialize the python path so needed modules can be imported.
# If the path already works, don't change it.
Reported by Pylint.
Line: 51
Column: 1
# If the path already works, don't change it.
try:
import wiredtiger
except:
# We'll try hard to make the importing work, we'd like to runners
# to be executable directly without having to set environment variables.
sys.path.insert(0, os.path.join(wt_dir, 'lang', 'python'))
sys.path.insert(0, os.path.join(wt_builddir, 'lang', 'python'))
try:
Reported by Pylint.
Line: 58
Column: 5
sys.path.insert(0, os.path.join(wt_builddir, 'lang', 'python'))
try:
import wiredtiger
except:
# If the .libs directory is not in our library search path,
# we need to set it and retry. However, the dynamic link
# library has already cached its value, our only option is
# to restart the Python interpreter.
if '_workgen_init' not in os.environ:
Reported by Pylint.
Line: 72
Column: 20
py_args.insert(0, sys.executable)
try:
os.execv(sys.executable, py_args)
except Exception as exception:
print('re-exec failed: ' + str(exception), file=sys.stderr)
print(' exec(' + sys.executable + ', ' + str(py_args) + ')')
print('Try adding "' + dotlibs + '" to the', file=sys.stderr)
print('LD_LIBRARY_PATH environment variable before running ' + \
'this program again.', file=sys.stderr)
Reported by Pylint.
Line: 82
Column: 1
try:
import workgen
except:
sys.path.insert(0, os.path.join(workgen_src, 'workgen'))
sys.path.insert(0, os.path.join(wt_builddir, 'bench', 'workgen'))
import workgen
from .core import txn, extensions_config, op_append, op_group_transaction, op_log_like, op_multi_table, op_populate_with_range, sleep, timed
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_hs05.py
17 issues
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wiredtiger import stat
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_hs05.py
Reported by Pylint.
Line: 31
Column: 1
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wiredtiger import stat
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_hs05.py
# Verify hs_score reflects cache pressure due to history
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wiredtiger import stat
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wiredtiger import stat
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_hs05.py
Reported by Pylint.
Line: 52
Column: 24
]
scenarios = make_scenarios(key_format_values)
def get_stat(self, stat):
stat_cursor = self.session.open_cursor('statistics:')
val = stat_cursor[stat][2]
stat_cursor.close()
return val
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wiredtiger import stat
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_hs05.py
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wiredtiger import stat
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_hs05.py
Reported by Pylint.
Line: 31
Column: 1
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wiredtiger import stat
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_hs05.py
# Verify hs_score reflects cache pressure due to history
Reported by Pylint.
Line: 38
Column: 1
# test_hs05.py
# Verify hs_score reflects cache pressure due to history
# even if we're not yet actively pushing into the history store file.
class test_hs05(wttest.WiredTigerTestCase):
# Force a small cache, but disable eviction of dirty pages until the cache is full.
conn_config = 'cache_size=50MB,statistics=(fast),'
conn_config += 'eviction_dirty_target=100,eviction_dirty_trigger=100,'
conn_config += 'eviction_updates_target=100,eviction_updates_trigger=100'
session_config = 'isolation=snapshot'
Reported by Pylint.
src/third_party/wiredtiger/examples/c/ex_col_store.c
17 issues
Line: 172
Column: 5
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
WEATHER w;
int country, day;
srand((unsigned int)getpid());
for (int i = 0; i < NUM_ENTRIES; i++) {
day = rand() % 7;
switch (day) {
case 0:
Reported by FlawFinder.
Line: 53
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint8_t humidity;
uint8_t wind;
uint8_t feels_like_temp;
char day[5];
char country[5];
} WEATHER;
/*! [col-store decl] */
Reported by FlawFinder.
Line: 54
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint8_t wind;
uint8_t feels_like_temp;
char day[5];
char country[5];
} WEATHER;
/*! [col-store decl] */
static void update_celsius_to_fahrenheit(WT_SESSION *session);
Reported by FlawFinder.
Line: 178
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
day = rand() % 7;
switch (day) {
case 0:
strcpy(w.day, "MON");
break;
case 1:
strcpy(w.day, "TUE");
break;
case 2:
Reported by FlawFinder.
Line: 181
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(w.day, "MON");
break;
case 1:
strcpy(w.day, "TUE");
break;
case 2:
strcpy(w.day, "WED");
break;
case 3:
Reported by FlawFinder.
Line: 184
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(w.day, "TUE");
break;
case 2:
strcpy(w.day, "WED");
break;
case 3:
strcpy(w.day, "THU");
break;
case 4:
Reported by FlawFinder.
Line: 187
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(w.day, "WED");
break;
case 3:
strcpy(w.day, "THU");
break;
case 4:
strcpy(w.day, "FRI");
break;
case 5:
Reported by FlawFinder.
Line: 190
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(w.day, "THU");
break;
case 4:
strcpy(w.day, "FRI");
break;
case 5:
strcpy(w.day, "SAT");
break;
case 6:
Reported by FlawFinder.
Line: 193
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(w.day, "FRI");
break;
case 5:
strcpy(w.day, "SAT");
break;
case 6:
strcpy(w.day, "SUN");
break;
default:
Reported by FlawFinder.
Line: 196
Column: 13
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
strcpy(w.day, "SAT");
break;
case 6:
strcpy(w.day, "SUN");
break;
default:
assert(false);
}
/* 24-hour-time 0-2400. */
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_bug016.py
17 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
# test_bug016.py
# WT-2757: WT_CURSOR.get_key() fails after WT_CURSOR.insert unless the
# cursor has a record number key with append configured.
class test_bug016(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 44
Column: 9
cursor = self.session.open_cursor(uri, None, 'append')
cursor.set_value('value')
cursor.insert()
self.assertEquals(cursor.get_key(), 1)
# Insert a row into a simple column-store table.
# WT_CURSOR.get_key should fail.
def test_simple_column_store(self):
uri='file:bug016'
Reported by Pylint.
Line: 56
Column: 13
cursor.set_value('value')
cursor.insert()
self.assertRaisesWithMessage(wiredtiger.WiredTigerError,
lambda: cursor.get_key(), "/requires key be set/")
# Insert a row into a simple row-store table.
# WT_CURSOR.get_key should fail.
def test_simple_row_store(self):
uri='file:bug016'
Reported by Pylint.
Line: 68
Column: 13
cursor.set_value('value')
cursor.insert()
self.assertRaisesWithMessage(wiredtiger.WiredTigerError,
lambda: cursor.get_key(), "/requires key be set/")
# Insert a row into a complex column-store table configured to append.
# WT_CURSOR.get_key should succeed.
def test_complex_column_store_append(self):
uri='table:bug016'
Reported by Pylint.
Line: 79
Column: 9
cursor = self.session.open_cursor(uri, None, 'append')
cursor.set_value('value')
cursor.insert()
self.assertEquals(cursor.get_key(), 1)
# Insert a row into a complex column-store table.
# WT_CURSOR.get_key should fail.
def test_complex_column_store(self):
uri='table:bug016'
Reported by Pylint.
Line: 92
Column: 13
cursor.set_value('value')
cursor.insert()
self.assertRaisesWithMessage(wiredtiger.WiredTigerError,
lambda: cursor.get_key(), "/requires key be set/")
# Insert a row into a complex row-store table.
# WT_CURSOR.get_key should fail.
def test_complex_row_store(self):
uri='table:bug016'
Reported by Pylint.
Line: 105
Column: 13
cursor.set_value('value')
cursor.insert()
self.assertRaisesWithMessage(wiredtiger.WiredTigerError,
lambda: cursor.get_key(), "/requires key be set/")
if __name__ == '__main__':
wttest.run()
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
# test_bug016.py
# WT-2757: WT_CURSOR.get_key() fails after WT_CURSOR.insert unless the
# cursor has a record number key with append configured.
class test_bug016(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 34
Column: 1
# test_bug016.py
# WT-2757: WT_CURSOR.get_key() fails after WT_CURSOR.insert unless the
# cursor has a record number key with append configured.
class test_bug016(wttest.WiredTigerTestCase):
# Insert a row into a simple column-store table configured to append.
# WT_CURSOR.get_key should succeed.
def test_simple_column_store_append(self):
uri='file:bug016'
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_prepare04.py
17 issues
Line: 35
Column: 1
import random
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
def timestamp_str(t):
return '%x' % t
Reported by Pylint.
Line: 110
Column: 68
c_other.set_key(1)
if self.ignore == False and self.after_ts == True:
# Make sure we get the expected prepare conflict message.
self.assertRaisesException(wiredtiger.WiredTigerError, lambda:c_other.search(), preparemsg)
else:
c_other.search()
self.assertTrue(c_other.get_value() == 1)
c_other.set_value(3)
Reported by Pylint.
Line: 118
Column: 64
c_other.set_value(3)
# Make sure we detect the conflict between operations.
self.assertRaisesException(wiredtiger.WiredTigerError, lambda:c_other.update(), conflictmsg)
s_other.rollback_transaction()
self.session.timestamp_transaction('commit_timestamp=' + timestamp_str(300))
self.session.timestamp_transaction('durable_timestamp=' + timestamp_str(300))
self.session.commit_transaction()
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 35
Column: 1
import random
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
def timestamp_str(t):
return '%x' % t
Reported by Pylint.
Line: 35
Column: 1
import random
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wtscenario import make_scenarios
def timestamp_str(t):
return '%x' % t
Reported by Pylint.
Line: 38
Column: 1
import wiredtiger, wttest
from wtscenario import make_scenarios
def timestamp_str(t):
return '%x' % t
class test_prepare04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_prepare_cursor'
uri = 'table:' + tablename
Reported by Pylint.
Line: 38
Column: 1
import wiredtiger, wttest
from wtscenario import make_scenarios
def timestamp_str(t):
return '%x' % t
class test_prepare04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_prepare_cursor'
uri = 'table:' + tablename
Reported by Pylint.
Line: 41
Column: 1
def timestamp_str(t):
return '%x' % t
class test_prepare04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_prepare_cursor'
uri = 'table:' + tablename
session_config = 'isolation=snapshot'
before_ts = timestamp_str(150)
Reported by Pylint.
Line: 41
Column: 1
def timestamp_str(t):
return '%x' % t
class test_prepare04(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_prepare_cursor'
uri = 'table:' + tablename
session_config = 'isolation=snapshot'
before_ts = timestamp_str(150)
Reported by Pylint.
src/third_party/wiredtiger/examples/c/ex_backup.c
17 issues
Line: 66
Column: 17
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
else
(void)snprintf(
buf, sizeof(buf), "../../wt -R -h %s.%d dump logtest > %s.%d", home_full, i, full_out, i);
error_check(system(buf));
/*
* Now run dump on the incremental directory.
*/
(void)snprintf(
buf, sizeof(buf), "../../wt -R -h %s.%d dump logtest > %s.%d", home_incr, i, incr_out, i);
Reported by FlawFinder.
Line: 72
Column: 17
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
*/
(void)snprintf(
buf, sizeof(buf), "../../wt -R -h %s.%d dump logtest > %s.%d", home_incr, i, incr_out, i);
error_check(system(buf));
/*
* Compare the files.
*/
(void)snprintf(buf, sizeof(buf), "cmp %s.%d %s.%d", full_out, i, incr_out, i);
Reported by FlawFinder.
Line: 78
Column: 11
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
* Compare the files.
*/
(void)snprintf(buf, sizeof(buf), "cmp %s.%d %s.%d", full_out, i, incr_out, i);
ret = system(buf);
if (i == 0)
(void)snprintf(msg, sizeof(msg), "%s", "MAIN");
else
(void)snprintf(msg, sizeof(msg), "%d", i);
printf("Iteration %s: Tables %s.%d and %s.%d %s\n", msg, full_out, i, incr_out, i,
Reported by FlawFinder.
Line: 94
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
if (i != 0) {
(void)snprintf(buf, sizeof(buf), "rm -rf %s.%d %s.%d %s.%d %s.%d", home_full, i, home_incr,
i, full_out, i, incr_out, i);
error_check(system(buf));
}
return (ret);
}
/*
Reported by FlawFinder.
Line: 116
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
* original at the end.
*/
(void)snprintf(buf, sizeof(buf), "rm -rf %s.%d && mkdir %s.%d", home_incr, i, home_incr, i);
error_check(system(buf));
if (i == 0)
continue;
/*
* For full backups we need 1-N.
*/
Reported by FlawFinder.
Line: 123
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
* For full backups we need 1-N.
*/
(void)snprintf(buf, sizeof(buf), "rm -rf %s.%d && mkdir %s.%d", home_full, i, home_full, i);
error_check(system(buf));
}
}
static void
add_work(WT_SESSION *session, int iter)
Reported by FlawFinder.
Line: 176
Column: 29
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
for (j = 0; j < MAX_ITERATIONS; j++) {
(void)snprintf(h, sizeof(h), "%s.%d", home_incr, j);
(void)snprintf(buf, sizeof(buf), "cp %s/%s %s/%s", home, filename, h, filename);
error_check(system(buf));
}
else {
(void)snprintf(h, sizeof(h), "%s.%d", home_full, i);
(void)snprintf(buf, sizeof(buf), "cp %s/%s %s/%s", home, filename, hdir, filename);
error_check(system(buf));
Reported by FlawFinder.
Line: 181
Column: 25
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
else {
(void)snprintf(h, sizeof(h), "%s.%d", home_full, i);
(void)snprintf(buf, sizeof(buf), "cp %s/%s %s/%s", home, filename, hdir, filename);
error_check(system(buf));
}
}
scan_end_check(ret == WT_NOTFOUND);
error_check(cursor->close(cursor));
}
Reported by FlawFinder.
Line: 206
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
*/
(void)snprintf(h, sizeof(h), "%s.0", home_incr);
(void)snprintf(buf, sizeof(buf), "cp %s/%s %s/%s", home, filename, h, filename);
error_check(system(buf));
for (j = i; j < MAX_ITERATIONS; j++) {
(void)snprintf(h, sizeof(h), "%s.%d", home_incr, j);
(void)snprintf(buf, sizeof(buf), "cp %s/%s %s/%s", home, filename, h, filename);
error_check(system(buf));
}
Reported by FlawFinder.
Line: 210
Column: 25
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
for (j = i; j < MAX_ITERATIONS; j++) {
(void)snprintf(h, sizeof(h), "%s.%d", home_incr, j);
(void)snprintf(buf, sizeof(buf), "cp %s/%s %s/%s", home, filename, h, filename);
error_check(system(buf));
}
}
scan_end_check(ret == WT_NOTFOUND);
/*
Reported by FlawFinder.