The following issues were found
src/third_party/mozjs-60/extract/js/src/wasm/WasmSignalHandlers.cpp
16 issues
Line: 866
Column: 30
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
// Disassemble the instruction which caused the trap so that we can extract
// information about it and decide what to do.
Disassembler::HeapAccess access;
uint8_t* end = Disassembler::DisassembleHeapAccess(pc, &access);
const Disassembler::ComplexAddress& address = access.address();
MOZ_RELEASE_ASSERT(end > pc);
MOZ_RELEASE_ASSERT(segment->containsCodePC(end));
Reported by FlawFinder.
Line: 867
Column: 61
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
// Disassemble the instruction which caused the trap so that we can extract
// information about it and decide what to do.
Disassembler::HeapAccess access;
uint8_t* end = Disassembler::DisassembleHeapAccess(pc, &access);
const Disassembler::ComplexAddress& address = access.address();
MOZ_RELEASE_ASSERT(end > pc);
MOZ_RELEASE_ASSERT(segment->containsCodePC(end));
// Check x64 asm.js heap access invariants.
Reported by FlawFinder.
Line: 868
Column: 51
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
// information about it and decide what to do.
Disassembler::HeapAccess access;
uint8_t* end = Disassembler::DisassembleHeapAccess(pc, &access);
const Disassembler::ComplexAddress& address = access.address();
MOZ_RELEASE_ASSERT(end > pc);
MOZ_RELEASE_ASSERT(segment->containsCodePC(end));
// Check x64 asm.js heap access invariants.
MOZ_RELEASE_ASSERT(address.disp() >= 0);
Reported by FlawFinder.
Line: 895
Column: 66
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
// address of the start of the access, and the OS may sometimes give us an
// address somewhere in the middle of the heap access.
uint8_t* accessAddress = ComputeAccessAddress(context, address);
MOZ_RELEASE_ASSERT(size_t(faultingAddress - accessAddress) < access.size(),
"Given faulting address does not appear to be within computed "
"faulting address range");
MOZ_RELEASE_ASSERT(accessAddress >= instance.memoryBase(),
"Access begins outside the asm.js heap");
MOZ_RELEASE_ASSERT(accessAddress + access.size() <= instance.memoryBase() +
Reported by FlawFinder.
Line: 900
Column: 40
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
"faulting address range");
MOZ_RELEASE_ASSERT(accessAddress >= instance.memoryBase(),
"Access begins outside the asm.js heap");
MOZ_RELEASE_ASSERT(accessAddress + access.size() <= instance.memoryBase() +
instance.memoryMappedSize(),
"Access extends beyond the asm.js heap guard region");
MOZ_RELEASE_ASSERT(accessAddress + access.size() > instance.memoryBase() +
memoryLength,
"Computed access address is not actually out of bounds");
Reported by FlawFinder.
Line: 903
Column: 40
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
MOZ_RELEASE_ASSERT(accessAddress + access.size() <= instance.memoryBase() +
instance.memoryMappedSize(),
"Access extends beyond the asm.js heap guard region");
MOZ_RELEASE_ASSERT(accessAddress + access.size() > instance.memoryBase() +
memoryLength,
"Computed access address is not actually out of bounds");
// The basic sandbox model is that all heap accesses are a heap base
// register plus an index, and the index is always computed with 32-bit
Reported by FlawFinder.
Line: 923
Column: 19
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
// be hitting this anyway.
intptr_t unwrappedOffset = accessAddress - instance.memoryBase().unwrap(/* for value */);
uint32_t wrappedOffset = uint32_t(unwrappedOffset);
size_t size = access.size();
MOZ_RELEASE_ASSERT(wrappedOffset + size > wrappedOffset);
bool inBounds = wrappedOffset + size < memoryLength;
if (inBounds) {
// We now know that this is an access that is actually in bounds when
Reported by FlawFinder.
Line: 935
Column: 17
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
MOZ_RELEASE_ASSERT(wrappedAddress >= instance.memoryBase());
MOZ_RELEASE_ASSERT(wrappedAddress + size > wrappedAddress);
MOZ_RELEASE_ASSERT(wrappedAddress + size <= instance.memoryBase() + memoryLength);
switch (access.kind()) {
case Disassembler::HeapAccess::Load:
SetRegisterToLoadedValue(context, wrappedAddress.cast<void*>(), size, access.otherOperand());
break;
case Disassembler::HeapAccess::LoadSext32:
SetRegisterToLoadedValueSext32(context, wrappedAddress.cast<void*>(), size, access.otherOperand());
Reported by FlawFinder.
Line: 937
Column: 83
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
MOZ_RELEASE_ASSERT(wrappedAddress + size <= instance.memoryBase() + memoryLength);
switch (access.kind()) {
case Disassembler::HeapAccess::Load:
SetRegisterToLoadedValue(context, wrappedAddress.cast<void*>(), size, access.otherOperand());
break;
case Disassembler::HeapAccess::LoadSext32:
SetRegisterToLoadedValueSext32(context, wrappedAddress.cast<void*>(), size, access.otherOperand());
break;
case Disassembler::HeapAccess::Store:
Reported by FlawFinder.
Line: 940
Column: 89
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
SetRegisterToLoadedValue(context, wrappedAddress.cast<void*>(), size, access.otherOperand());
break;
case Disassembler::HeapAccess::LoadSext32:
SetRegisterToLoadedValueSext32(context, wrappedAddress.cast<void*>(), size, access.otherOperand());
break;
case Disassembler::HeapAccess::Store:
StoreValueFromRegister(context, wrappedAddress.cast<void*>(), size, access.otherOperand());
break;
case Disassembler::HeapAccess::LoadSext64:
Reported by FlawFinder.
src/third_party/wiredtiger/examples/c/ex_all.c
16 issues
Line: 1102
Column: 21
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
error_check(cursor->get_key(cursor, &filename));
(void)snprintf(
buf, sizeof(buf), "cp /path/database/%s /path/database.backup/%s", filename, filename);
error_check(system(buf));
}
scan_end_check(ret == WT_NOTFOUND);
error_check(cursor->close(cursor));
/*! [backup]*/
Reported by FlawFinder.
Line: 887
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
/*! [query timestamp] */
char timestamp_buf[2 * sizeof(uint64_t) + 1];
/*! [transaction timestamp] */
error_check(session->timestamp_transaction(session, "commit_timestamp=2a"));
/*! [transaction timestamp] */
Reported by FlawFinder.
Line: 1065
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
/*! [Pack fields into a buffer] */
char buf[100];
error_check(wiredtiger_struct_pack(session, buf, sizeof(buf), "iSh", 42, "hello", -3));
/*! [Pack fields into a buffer] */
{
/*! [Unpack fields from a buffer] */
Reported by FlawFinder.
Line: 1083
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void
backup(WT_SESSION *session)
{
char buf[1024];
WT_CURSOR *dup_cursor;
/*! [backup]*/
WT_CURSOR *cursor;
const char *filename;
Reported by FlawFinder.
Line: 1197
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* this is outside the example snippet on purpose; don't encourage compiling in keys */
const char *secretkey = "abcdef";
/*! [Configure sodium extension] */
char conf[1024];
snprintf(conf, sizeof(conf),
"create,extensions=[/usr/local/lib/libwiredtiger_sodium.so],"
"encryption=(name=sodium,secretkey=%s)",
secretkey);
error_check(wiredtiger_open(home, NULL, conf, &conn));
Reported by FlawFinder.
Line: 198
Column: 22
CWE codes:
126
/*! [Set the cursor's raw value] */
WT_ITEM value; /* Set the cursor's raw value. */
value.data = "another value";
value.size = strlen("another value");
cursor->set_value(cursor, &value);
/*! [Set the cursor's raw value] */
error_check(cursor->insert(cursor));
}
Reported by FlawFinder.
Line: 237
Column: 17
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{
/*! [Cursor equality] */
int equal;
error_check(cursor->equals(cursor, other, &equal));
if (equal) {
/* Cursors reference the same key */
}
/*! [Cursor equality] */
Reported by FlawFinder.
Line: 238
Column: 56
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{
/*! [Cursor equality] */
int equal;
error_check(cursor->equals(cursor, other, &equal));
if (equal) {
/* Cursors reference the same key */
}
/*! [Cursor equality] */
}
Reported by FlawFinder.
Line: 239
Column: 17
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
/*! [Cursor equality] */
int equal;
error_check(cursor->equals(cursor, other, &equal));
if (equal) {
/* Cursors reference the same key */
}
/*! [Cursor equality] */
}
}
Reported by FlawFinder.
Line: 312
Column: 22
CWE codes:
126
"abcdefghijklmnopqrstuvwxyz"
"abcdefghijklmnopqrstuvwxyz"
"abcdefghijklmnopqrstuvwxyz";
value.size = strlen(value.data);
cursor->set_key(cursor, "some key");
cursor->set_value(cursor, &value);
error_check(cursor->insert(cursor));
}
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_hs11.py
16 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat
# test_hs11.py
# Ensure that updates without timestamps clear the history store records.
Reported by Pylint.
Line: 31
Column: 1
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat
# test_hs11.py
# Ensure that updates without timestamps clear the history store records.
class test_hs11(wttest.WiredTigerTestCase):
conn_config = 'cache_size=50MB,statistics=(all)'
Reported by Pylint.
Line: 55
Column: 24
return str(i)
return i
def get_stat(self, stat):
stat_cursor = self.session.open_cursor('statistics:')
val = stat_cursor[stat][2]
stat_cursor.close()
return val
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat
# test_hs11.py
# Ensure that updates without timestamps clear the history store records.
Reported by Pylint.
Line: 31
Column: 1
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat
# test_hs11.py
# Ensure that updates without timestamps clear the history store records.
class test_hs11(wttest.WiredTigerTestCase):
conn_config = 'cache_size=50MB,statistics=(all)'
Reported by Pylint.
Line: 35
Column: 1
# test_hs11.py
# Ensure that updates without timestamps clear the history store records.
class test_hs11(wttest.WiredTigerTestCase):
conn_config = 'cache_size=50MB,statistics=(all)'
session_config = 'isolation=snapshot'
key_format_values = [
('column', dict(key_format='r')),
('integer-row', dict(key_format='i')),
Reported by Pylint.
Line: 35
Column: 1
# test_hs11.py
# Ensure that updates without timestamps clear the history store records.
class test_hs11(wttest.WiredTigerTestCase):
conn_config = 'cache_size=50MB,statistics=(all)'
session_config = 'isolation=snapshot'
key_format_values = [
('column', dict(key_format='r')),
('integer-row', dict(key_format='i')),
Reported by Pylint.
Line: 50
Column: 5
scenarios = make_scenarios(key_format_values, update_type_values)
nrows = 10000
def create_key(self, i):
if self.key_format == 'S':
return str(i)
return i
def get_stat(self, stat):
Reported by Pylint.
Line: 55
Column: 5
return str(i)
return i
def get_stat(self, stat):
stat_cursor = self.session.open_cursor('statistics:')
val = stat_cursor[stat][2]
stat_cursor.close()
return val
Reported by Pylint.
buildscripts/libdeps/libdeps/analyzer.py
16 issues
Line: 40
Column: 1
import functools
from pathlib import Path
import networkx
from libdeps.graph import CountTypes, DependsReportTypes, LinterTypes, EdgeProps, NodeProps
class UnsupportedAnalyzer(Exception):
Reported by Pylint.
Line: 42
Column: 1
import networkx
from libdeps.graph import CountTypes, DependsReportTypes, LinterTypes, EdgeProps, NodeProps
class UnsupportedAnalyzer(Exception):
"""Thrown when an analyzer is run on a graph with an unsupported schema."""
Reported by Pylint.
Line: 182
Column: 36
def report(self, report):
"""Report the results for the current type."""
report[self._count_type] = self.run()
class NodeCounter(Counter):
"""Counts and reports number of nodes in the graph."""
Reported by Pylint.
Line: 182
Column: 16
def report(self, report):
"""Report the results for the current type."""
report[self._count_type] = self.run()
class NodeCounter(Counter):
"""Counts and reports number of nodes in the graph."""
Reported by Pylint.
Line: 545
Column: 9
def run(self):
"""Use networkx min cut algorithm to find a set of edges."""
from networkx.algorithms.connectivity import minimum_st_edge_cut
# The min cut algorithm will get the min cut nearest the end
# of the direction of the graph, so we we use the reverse graph
# so that we get a cut nearest our from_node, or the first cut we
# would encounter on a given path from the from_node to the to_node.
Reported by Pylint.
Line: 713
Column: 13
"""Run the various dependency reports."""
if LinterTypes.PUBLIC_UNUSED.name in linters:
self.results[LinterTypes.PUBLIC_UNUSED.name] = \
self.libdeps_graph.unused_public_linter()
class GaPrinter:
"""Base class for printers of the graph analysis."""
Reported by Pylint.
Line: 714
Column: 17
if LinterTypes.PUBLIC_UNUSED.name in linters:
self.results[LinterTypes.PUBLIC_UNUSED.name] = \
self.libdeps_graph.unused_public_linter()
class GaPrinter:
"""Base class for printers of the graph analysis."""
Reported by Pylint.
Line: 32
Column: 1
represents the dependency information between all binaries from the build.
"""
import sys
import textwrap
import copy
import json
import inspect
import functools
Reported by Pylint.
Line: 34
Column: 1
import sys
import textwrap
import copy
import json
import inspect
import functools
from pathlib import Path
Reported by Pylint.
Line: 48
Column: 5
class UnsupportedAnalyzer(Exception):
"""Thrown when an analyzer is run on a graph with an unsupported schema."""
pass
# https://stackoverflow.com/a/25959545/1644736
def get_class_that_defined_method(meth):
"""Get the name of the class for given function."""
Reported by Pylint.
src/third_party/mozjs-60/extract/js/src/wasm/WasmValidate.h
16 issues
Line: 360
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
MOZ_MUST_USE bool read(T* out) {
if (bytesRemain() < sizeof(T))
return false;
memcpy((void*)out, cur_, sizeof(T));
cur_ += sizeof(T);
return true;
}
template <class T>
Reported by FlawFinder.
Line: 369
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
T uncheckedRead() {
MOZ_ASSERT(bytesRemain() >= sizeof(T));
T ret;
memcpy(&ret, cur_, sizeof(T));
cur_ += sizeof(T);
return ret;
}
template <class T>
Reported by FlawFinder.
Line: 377
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
template <class T>
void uncheckedRead(T* ret) {
MOZ_ASSERT(bytesRemain() >= sizeof(T));
memcpy(ret, cur_, sizeof(T));
cur_ += sizeof(T);
}
template <typename UInt>
MOZ_MUST_USE bool readVarU(UInt* out) {
Reported by FlawFinder.
Line: 673
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void uncheckedReadFixedI8x16(I8x16* i8x16) {
struct T { I8x16 v; };
T t = uncheckedRead<T>();
memcpy(i8x16, &t, sizeof(t));
}
void uncheckedReadFixedI16x8(I16x8* i16x8) {
struct T { I16x8 v; };
T t = uncheckedRead<T>();
memcpy(i16x8, &t, sizeof(t));
Reported by FlawFinder.
Line: 678
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void uncheckedReadFixedI16x8(I16x8* i16x8) {
struct T { I16x8 v; };
T t = uncheckedRead<T>();
memcpy(i16x8, &t, sizeof(t));
}
void uncheckedReadFixedI32x4(I32x4* i32x4) {
struct T { I32x4 v; };
T t = uncheckedRead<T>();
memcpy(i32x4, &t, sizeof(t));
Reported by FlawFinder.
Line: 683
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void uncheckedReadFixedI32x4(I32x4* i32x4) {
struct T { I32x4 v; };
T t = uncheckedRead<T>();
memcpy(i32x4, &t, sizeof(t));
}
void uncheckedReadFixedF32x4(F32x4* f32x4) {
struct T { F32x4 v; };
T t = uncheckedRead<T>();
memcpy(f32x4, &t, sizeof(t));
Reported by FlawFinder.
Line: 688
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
void uncheckedReadFixedF32x4(F32x4* f32x4) {
struct T { F32x4 v; };
T t = uncheckedRead<T>();
memcpy(f32x4, &t, sizeof(t));
}
};
// The local entries are part of function bodies and thus serialized by both
// wasm and asm.js and decoded as part of both validation and compilation.
Reported by FlawFinder.
Line: 357
Column: 23
CWE codes:
120
20
bool resilientMode_;
template <class T>
MOZ_MUST_USE bool read(T* out) {
if (bytesRemain() < sizeof(T))
return false;
memcpy((void*)out, cur_, sizeof(T));
cur_ += sizeof(T);
return true;
Reported by FlawFinder.
Line: 503
Column: 16
CWE codes:
120
20
// attempting to align).
MOZ_MUST_USE bool readFixedU8(uint8_t* i) {
return read<uint8_t>(i);
}
MOZ_MUST_USE bool readFixedU32(uint32_t* u) {
return read<uint32_t>(u);
}
MOZ_MUST_USE bool readFixedF32(float* f) {
Reported by FlawFinder.
Line: 506
Column: 16
CWE codes:
120
20
return read<uint8_t>(i);
}
MOZ_MUST_USE bool readFixedU32(uint32_t* u) {
return read<uint32_t>(u);
}
MOZ_MUST_USE bool readFixedF32(float* f) {
return read<float>(f);
}
MOZ_MUST_USE bool readFixedF64(double* d) {
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/hook_demo.py
16 issues
Line: 59
Column: 5
# Print to /dev/tty for debugging, since anything extraneous to stdout/stderr will
# cause a test error.
def tty(s):
WiredTigerTestCase.tty(s)
# These are the hook functions that are run when particular APIs are called.
# Called to manipulate args for wiredtiger_open
def wiredtiger_open_args(ignored_self, args):
Reported by Pylint.
Line: 53
Column: 1
# hooked method.
from __future__ import print_function
import os, sys, wthooks
from wttest import WiredTigerTestCase
# Print to /dev/tty for debugging, since anything extraneous to stdout/stderr will
# cause a test error.
def tty(s):
Reported by Pylint.
Line: 53
Column: 1
# hooked method.
from __future__ import print_function
import os, sys, wthooks
from wttest import WiredTigerTestCase
# Print to /dev/tty for debugging, since anything extraneous to stdout/stderr will
# cause a test error.
def tty(s):
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 53
Column: 1
# hooked method.
from __future__ import print_function
import os, sys, wthooks
from wttest import WiredTigerTestCase
# Print to /dev/tty for debugging, since anything extraneous to stdout/stderr will
# cause a test error.
def tty(s):
Reported by Pylint.
Line: 58
Column: 1
# Print to /dev/tty for debugging, since anything extraneous to stdout/stderr will
# cause a test error.
def tty(s):
WiredTigerTestCase.tty(s)
# These are the hook functions that are run when particular APIs are called.
# Called to manipulate args for wiredtiger_open
Reported by Pylint.
Line: 58
Column: 1
# Print to /dev/tty for debugging, since anything extraneous to stdout/stderr will
# cause a test error.
def tty(s):
WiredTigerTestCase.tty(s)
# These are the hook functions that are run when particular APIs are called.
# Called to manipulate args for wiredtiger_open
Reported by Pylint.
Line: 64
Column: 1
# These are the hook functions that are run when particular APIs are called.
# Called to manipulate args for wiredtiger_open
def wiredtiger_open_args(ignored_self, args):
tty('>>> wiredtiger_open, adding cache_size')
args = list(args) # convert from a readonly tuple to a writeable list
args[-1] += ',,,cache_size=500M,,,' # modify the last arg
return args
Reported by Pylint.
Line: 71
Column: 1
return args
# Called to notify after successful wiredtiger_open
def wiredtiger_open_notify(ignored_self, ret, *args):
tty('>>> wiredtiger_open({}) returned {}'.format(args, ret))
# Called to notify after successful Session.open_cursor
def session_open_cursor_notify(self, ret, *args):
tty('>>> session.open_cursor({}) returned {}, session is {}'.format(args, ret, self))
Reported by Pylint.
Line: 75
Column: 1
tty('>>> wiredtiger_open({}) returned {}'.format(args, ret))
# Called to notify after successful Session.open_cursor
def session_open_cursor_notify(self, ret, *args):
tty('>>> session.open_cursor({}) returned {}, session is {}'.format(args, ret, self))
# Called to replace Session.create
# We do different things (described above) as indicated by our command line argument.
def session_create_replace(arg, orig_session_create, session_self, uri, config):
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_stat03.py
16 issues
Line: 32
Column: 1
# [TEST_TAGS]
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 34
Column: 1
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
# test_stat03.py
Reported by Pylint.
Line: 32
Column: 1
# [TEST_TAGS]
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 32
Column: 1
# [TEST_TAGS]
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 33
Column: 1
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 32
Column: 1
# [TEST_TAGS]
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 34
Column: 1
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
# test_stat03.py
Reported by Pylint.
Line: 41
Column: 1
# test_stat03.py
# Statistics reset test.
class test_stat_cursor_reset(wttest.WiredTigerTestCase):
pfx = 'test_stat_cursor_reset'
uri = [
('file-simple', dict(uri='file:' + pfx, dataset=SimpleDataSet)),
('table-simple', dict(uri='table:' + pfx, dataset=SimpleDataSet)),
('table-complex', dict(uri='table:' + pfx, dataset=ComplexDataSet)),
Reported by Pylint.
Line: 41
Column: 1
# test_stat03.py
# Statistics reset test.
class test_stat_cursor_reset(wttest.WiredTigerTestCase):
pfx = 'test_stat_cursor_reset'
uri = [
('file-simple', dict(uri='file:' + pfx, dataset=SimpleDataSet)),
('table-simple', dict(uri='table:' + pfx, dataset=SimpleDataSet)),
('table-complex', dict(uri='table:' + pfx, dataset=ComplexDataSet)),
Reported by Pylint.
src/third_party/wiredtiger/test/3rdparty/python-subunit-0.0.16/python/subunit/tests/test_run.py
16 issues
Line: 17
Column: 1
# limitations under that license.
#
from testtools.compat import BytesIO
import unittest
from testtools import PlaceHolder, TestCase
from testtools.testresult.doubles import StreamResult
Reported by Pylint.
Line: 20
Column: 1
from testtools.compat import BytesIO
import unittest
from testtools import PlaceHolder, TestCase
from testtools.testresult.doubles import StreamResult
import subunit
from subunit import run
from subunit.run import SubunitTestRunner
Reported by Pylint.
Line: 21
Column: 1
import unittest
from testtools import PlaceHolder, TestCase
from testtools.testresult.doubles import StreamResult
import subunit
from subunit import run
from subunit.run import SubunitTestRunner
Reported by Pylint.
Line: 38
Column: 46
io.seek(0)
eventstream = StreamResult()
subunit.ByteStreamToStreamResult(io).run(eventstream)
timestamps = [event[-1] for event in eventstream._events
if event is not None]
self.assertNotEqual([], timestamps)
def test_enumerates_tests_before_run(self):
io = BytesIO()
Reported by Pylint.
Line: 55
Column: 40
self.assertEqual([
('status', 'name1', 'exists'),
('status', 'name2', 'exists'),
], [event[:3] for event in eventstream._events[:2]])
def test_list_errors_if_errors_from_list_test(self):
io = BytesIO()
runner = SubunitTestRunner(stream=io)
def list_test(test):
Reported by Pylint.
Line: 60
Column: 23
def test_list_errors_if_errors_from_list_test(self):
io = BytesIO()
runner = SubunitTestRunner(stream=io)
def list_test(test):
return [], ['failed import']
self.patch(run, 'list_test', list_test)
exc = self.assertRaises(SystemExit, runner.list, None)
self.assertEqual((2,), exc.args)
Reported by Pylint.
Line: 1
Column: 1
#
# subunit: extensions to python unittest to get test results from subprocesses.
# Copyright (C) 2011 Robert Collins <robertc@robertcollins.net>
#
# Licensed under either the Apache License, Version 2.0 or the BSD 3-clause
# license at the users choice. A copy of both licenses are available in the
# project source as Apache-2.0 and BSD. You may not use this file except in
# compliance with one of these two licences.
#
Reported by Pylint.
Line: 9
Column: 2
# license at the users choice. A copy of both licenses are available in the
# project source as Apache-2.0 and BSD. You may not use this file except in
# compliance with one of these two licences.
#
# Unless required by applicable law or agreed to in writing, software
# distributed under these licenses is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# license you chose for the specific language governing permissions and
# limitations under that license.
Reported by Pylint.
Line: 18
Column: 1
#
from testtools.compat import BytesIO
import unittest
from testtools import PlaceHolder, TestCase
from testtools.testresult.doubles import StreamResult
import subunit
Reported by Pylint.
Line: 28
Column: 1
from subunit.run import SubunitTestRunner
class TestSubunitTestRunner(TestCase):
def test_includes_timing_output(self):
io = BytesIO()
runner = SubunitTestRunner(stream=io)
test = PlaceHolder('name')
Reported by Pylint.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Tool/PharLapCommon.py
16 issues
Line: 52
Column: 14
try:
k=SCons.Util.RegOpenKeyEx(SCons.Util.HKEY_LOCAL_MACHINE,
'SOFTWARE\\Pharlap\\ETS')
val, type = SCons.Util.RegQueryValueEx(k, 'BaseDir')
# The following is a hack...there is (not surprisingly)
# an odd issue in the Phar Lap plug in that inserts
# a bunch of junk data after the phar lap path in the
# registry. We must trim it.
Reported by Pylint.
Line: 52
Column: 14
try:
k=SCons.Util.RegOpenKeyEx(SCons.Util.HKEY_LOCAL_MACHINE,
'SOFTWARE\\Pharlap\\ETS')
val, type = SCons.Util.RegQueryValueEx(k, 'BaseDir')
# The following is a hack...there is (not surprisingly)
# an odd issue in the Phar Lap plug in that inserts
# a bunch of junk data after the phar lap path in the
# registry. We must trim it.
Reported by Pylint.
Line: 64
Column: 9
return os.path.normpath(val)
except SCons.Util.RegError:
raise SCons.Errors.UserError("Cannot find Phar Lap ETS path in the registry. Is it installed properly?")
REGEX_ETS_VER = re.compile(r'#define\s+ETS_VER\s+([0-9]+)')
def getPharLapVersion():
"""Returns the version of the installed ETS Tool Suite as a
Reported by Pylint.
Line: 1
Column: 1
"""SCons.Tool.PharLapCommon
This module contains common code used by all Tools for the
Phar Lap ETS tool chain. Right now, this is linkloc and
386asm.
"""
#
Reported by Pylint.
Line: 32
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
__revision__ = "src/engine/SCons/Tool/PharLapCommon.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import os
import os.path
import SCons.Errors
import SCons.Util
Reported by Pylint.
Line: 38
Column: 1
import os.path
import SCons.Errors
import SCons.Util
import re
def getPharLapPath():
"""Reads the registry to find the installed path of the Phar Lap ETS
development kit.
Reported by Pylint.
Line: 40
Column: 1
import SCons.Util
import re
def getPharLapPath():
"""Reads the registry to find the installed path of the Phar Lap ETS
development kit.
Raises UserError if no installed version of Phar Lap can
be found."""
Reported by Pylint.
Line: 61
Column: 1
idx=val.find('\0')
if idx >= 0:
val = val[:idx]
return os.path.normpath(val)
except SCons.Util.RegError:
raise SCons.Errors.UserError("Cannot find Phar Lap ETS path in the registry. Is it installed properly?")
REGEX_ETS_VER = re.compile(r'#define\s+ETS_VER\s+([0-9]+)')
Reported by Pylint.
Line: 64
Column: 1
return os.path.normpath(val)
except SCons.Util.RegError:
raise SCons.Errors.UserError("Cannot find Phar Lap ETS path in the registry. Is it installed properly?")
REGEX_ETS_VER = re.compile(r'#define\s+ETS_VER\s+([0-9]+)')
def getPharLapVersion():
"""Returns the version of the installed ETS Tool Suite as a
Reported by Pylint.
Line: 68
Column: 1
REGEX_ETS_VER = re.compile(r'#define\s+ETS_VER\s+([0-9]+)')
def getPharLapVersion():
"""Returns the version of the installed ETS Tool Suite as a
decimal number. This version comes from the ETS_VER #define in
the embkern.h header. For example, '#define ETS_VER 1010' (which
is what Phar Lap 10.1 defines) would cause this method to return
1010. Phar Lap 9.1 does not have such a #define, but this method
Reported by Pylint.
src/third_party/wiredtiger/test/format/wts.c
16 issues
Line: 293
Column: 40
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
/* Extensions. */
CONFIG_APPEND(p, ",extensions=[\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\"],",
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
Reported by FlawFinder.
Line: 294
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
/* Extensions. */
CONFIG_APPEND(p, ",extensions=[\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\"],",
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
Reported by FlawFinder.
Line: 295
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
CONFIG_APPEND(p, ",extensions=[\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\"],",
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
* Put configuration file configuration options second to last. Put command line configuration
Reported by FlawFinder.
Line: 296
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
* Put configuration file configuration options second to last. Put command line configuration
* options at the end. Do this so they override the standard configuration.
Reported by FlawFinder.
Line: 296
Column: 54
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
* Put configuration file configuration options second to last. Put command line configuration
* options at the end. Do this so they override the standard configuration.
Reported by FlawFinder.
Line: 297
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
* Put configuration file configuration options second to last. Put command line configuration
* options at the end. Do this so they override the standard configuration.
*/
Reported by FlawFinder.
Line: 446
Column: 16
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
len = strlen(g.home) * 3 + strlen(FORMAT_HOME_INIT_CMD) + 1;
cmd = dmalloc(len);
testutil_check(__wt_snprintf(cmd, len, FORMAT_HOME_INIT_CMD, g.home, g.home, g.home));
if ((ret = system(cmd)) != 0)
testutil_die(ret, "home initialization (\"%s\") failed", cmd);
free(cmd);
create_database(home, &conn);
create_object(conn);
Reported by FlawFinder.
Line: 186
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
WT_CONNECTION *conn;
size_t max;
char config[8 * 1024], *p;
const char *enc;
p = config;
max = sizeof(config);
Reported by FlawFinder.
Line: 326
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_SESSION *session;
size_t max;
uint32_t maxintlkey, maxleafkey, maxleafvalue;
char config[4096], *p;
p = config;
max = sizeof(config);
CONFIG_APPEND(p,
Reported by FlawFinder.
Line: 467
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
WT_CONNECTION *conn;
size_t max;
char config[1024], *p;
const char *enc;
*connp = NULL;
*sessionp = NULL;
Reported by FlawFinder.