The following issues were found
src/third_party/wiredtiger/test/3rdparty/testtools-0.9.34/testtools/_spinner.py
16 issues
Line: 41
Column: 1
% (function,))
def not_reentrant(function, _calls={}):
"""Decorates a function as not being re-entrant.
The decorated function will raise an error if called from within itself.
"""
def decorated(*args, **kwargs):
Reported by Pylint.
Line: 119
Column: 1
return result, errors
class TimeoutError(Exception):
"""Raised when run_in_reactor takes too long to run a function."""
def __init__(self, function, timeout):
Exception.__init__(self,
"%r took longer than %s seconds" % (function, timeout))
Reported by Pylint.
Line: 205
Column: 29
self._cancel_timeout()
self._success = result
def _stop_reactor(self, ignored=None):
"""Stop the reactor!"""
self._reactor.crash()
def _timed_out(self, function, timeout):
e = TimeoutError(function, timeout)
Reported by Pylint.
Line: 223
Column: 13
work (e.g. cancelling a call, actually closing a connection) for the
reactor to do.
"""
for i in range(self._OBLIGATORY_REACTOR_ITERATIONS):
self._reactor.iterate(0)
junk = []
for delayed_call in self._reactor.getDelayedCalls():
delayed_call.cancel()
junk.append(delayed_call)
Reported by Pylint.
Line: 236
Column: 17
junk.append(selectable)
if IReactorThreads.providedBy(self._reactor):
if self._reactor.threadpool is not None:
self._reactor._stopThreadPool()
self._junk.extend(junk)
return junk
def clear_junk(self):
"""Clear out our recorded junk.
Reported by Pylint.
Line: 25
Column: 1
from testtools.monkey import MonkeyPatcher
from twisted.internet import defer
from twisted.internet.base import DelayedCall
from twisted.internet.interfaces import IReactorThreads
from twisted.python.failure import Failure
from twisted.python.util import mergeFunctionMetadata
Reported by Pylint.
Line: 26
Column: 1
from testtools.monkey import MonkeyPatcher
from twisted.internet import defer
from twisted.internet.base import DelayedCall
from twisted.internet.interfaces import IReactorThreads
from twisted.python.failure import Failure
from twisted.python.util import mergeFunctionMetadata
Reported by Pylint.
Line: 27
Column: 1
from twisted.internet import defer
from twisted.internet.base import DelayedCall
from twisted.internet.interfaces import IReactorThreads
from twisted.python.failure import Failure
from twisted.python.util import mergeFunctionMetadata
class ReentryError(Exception):
Reported by Pylint.
Line: 28
Column: 1
from twisted.internet import defer
from twisted.internet.base import DelayedCall
from twisted.internet.interfaces import IReactorThreads
from twisted.python.failure import Failure
from twisted.python.util import mergeFunctionMetadata
class ReentryError(Exception):
"""Raised when we try to re-enter a function that forbids it."""
Reported by Pylint.
Line: 29
Column: 1
from twisted.internet.base import DelayedCall
from twisted.internet.interfaces import IReactorThreads
from twisted.python.failure import Failure
from twisted.python.util import mergeFunctionMetadata
class ReentryError(Exception):
"""Raised when we try to re-enter a function that forbids it."""
Reported by Pylint.
src/third_party/wiredtiger/test/format/wts.c
16 issues
Line: 293
Column: 40
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
/* Extensions. */
CONFIG_APPEND(p, ",extensions=[\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\"],",
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
Reported by FlawFinder.
Line: 294
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
/* Extensions. */
CONFIG_APPEND(p, ",extensions=[\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\"],",
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
Reported by FlawFinder.
Line: 295
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
CONFIG_APPEND(p, ",extensions=[\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\"],",
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
* Put configuration file configuration options second to last. Put command line configuration
Reported by FlawFinder.
Line: 296
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
* Put configuration file configuration options second to last. Put command line configuration
* options at the end. Do this so they override the standard configuration.
Reported by FlawFinder.
Line: 296
Column: 54
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
g.c_reverse ? REVERSE_PATH : "", access(LZ4_PATH, R_OK) == 0 ? LZ4_PATH : "",
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
* Put configuration file configuration options second to last. Put command line configuration
* options at the end. Do this so they override the standard configuration.
Reported by FlawFinder.
Line: 297
Column: 7
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
access(ROTN_PATH, R_OK) == 0 ? ROTN_PATH : "",
access(SNAPPY_PATH, R_OK) == 0 ? SNAPPY_PATH : "",
access(ZLIB_PATH, R_OK) == 0 ? ZLIB_PATH : "", access(ZSTD_PATH, R_OK) == 0 ? ZSTD_PATH : "",
access(SODIUM_PATH, R_OK) == 0 ? SODIUM_PATH : "");
/*
* Put configuration file configuration options second to last. Put command line configuration
* options at the end. Do this so they override the standard configuration.
*/
Reported by FlawFinder.
Line: 446
Column: 16
CWE codes:
78
Suggestion:
try using a library call that implements the same functionality if available
len = strlen(g.home) * 3 + strlen(FORMAT_HOME_INIT_CMD) + 1;
cmd = dmalloc(len);
testutil_check(__wt_snprintf(cmd, len, FORMAT_HOME_INIT_CMD, g.home, g.home, g.home));
if ((ret = system(cmd)) != 0)
testutil_die(ret, "home initialization (\"%s\") failed", cmd);
free(cmd);
create_database(home, &conn);
create_object(conn);
Reported by FlawFinder.
Line: 186
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
WT_CONNECTION *conn;
size_t max;
char config[8 * 1024], *p;
const char *enc;
p = config;
max = sizeof(config);
Reported by FlawFinder.
Line: 326
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
WT_SESSION *session;
size_t max;
uint32_t maxintlkey, maxleafkey, maxleafvalue;
char config[4096], *p;
p = config;
max = sizeof(config);
CONFIG_APPEND(p,
Reported by FlawFinder.
Line: 467
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
WT_CONNECTION *conn;
size_t max;
char config[1024], *p;
const char *enc;
*connp = NULL;
*sessionp = NULL;
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_cursor17.py
16 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat, WT_NOTFOUND
# test_cursor17.py
# Test the cursor traversal optimization for delete heavy workloads. This optimization enables
Reported by Pylint.
Line: 31
Column: 1
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat, WT_NOTFOUND
# test_cursor17.py
# Test the cursor traversal optimization for delete heavy workloads. This optimization enables
# cursor traversal mechanism to skip pages where all records on the page are deleted with a
# tombstone visible to the current transaction.
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat, WT_NOTFOUND
# test_cursor17.py
# Test the cursor traversal optimization for delete heavy workloads. This optimization enables
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat, WT_NOTFOUND
# test_cursor17.py
# Test the cursor traversal optimization for delete heavy workloads. This optimization enables
# cursor traversal mechanism to skip pages where all records on the page are deleted with a
Reported by Pylint.
Line: 31
Column: 1
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat, WT_NOTFOUND
# test_cursor17.py
# Test the cursor traversal optimization for delete heavy workloads. This optimization enables
# cursor traversal mechanism to skip pages where all records on the page are deleted with a
# tombstone visible to the current transaction.
Reported by Pylint.
Line: 41
Column: 24
conn_config = 'cache_size=50MB,statistics=(all)'
session_config = 'isolation=snapshot'
def get_stat(self, stat, uri):
stat_string = 'statistics:'
if (uri):
stat_string += uri
stat_cursor = self.session.open_cursor(stat_string)
val = stat_cursor[stat][2]
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-2020 MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat, WT_NOTFOUND
# test_cursor17.py
# Test the cursor traversal optimization for delete heavy workloads. This optimization enables
Reported by Pylint.
Line: 31
Column: 1
import wiredtiger, wttest
from wtscenario import make_scenarios
from wiredtiger import stat, WT_NOTFOUND
# test_cursor17.py
# Test the cursor traversal optimization for delete heavy workloads. This optimization enables
# cursor traversal mechanism to skip pages where all records on the page are deleted with a
# tombstone visible to the current transaction.
Reported by Pylint.
Line: 37
Column: 1
# Test the cursor traversal optimization for delete heavy workloads. This optimization enables
# cursor traversal mechanism to skip pages where all records on the page are deleted with a
# tombstone visible to the current transaction.
class test_cursor17(wttest.WiredTigerTestCase):
conn_config = 'cache_size=50MB,statistics=(all)'
session_config = 'isolation=snapshot'
def get_stat(self, stat, uri):
stat_string = 'statistics:'
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_stat03.py
16 issues
Line: 32
Column: 1
# [TEST_TAGS]
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 34
Column: 1
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
# test_stat03.py
Reported by Pylint.
Line: 32
Column: 1
# [TEST_TAGS]
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 32
Column: 1
# [TEST_TAGS]
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 33
Column: 1
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 32
Column: 1
# [TEST_TAGS]
# cursors:statistics
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
Reported by Pylint.
Line: 34
Column: 1
# [END_TAGS]
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
from wtscenario import make_scenarios
# test_stat03.py
Reported by Pylint.
Line: 41
Column: 1
# test_stat03.py
# Statistics reset test.
class test_stat_cursor_reset(wttest.WiredTigerTestCase):
pfx = 'test_stat_cursor_reset'
uri = [
('file-simple', dict(uri='file:' + pfx, dataset=SimpleDataSet)),
('table-simple', dict(uri='table:' + pfx, dataset=SimpleDataSet)),
('table-complex', dict(uri='table:' + pfx, dataset=ComplexDataSet)),
Reported by Pylint.
Line: 41
Column: 1
# test_stat03.py
# Statistics reset test.
class test_stat_cursor_reset(wttest.WiredTigerTestCase):
pfx = 'test_stat_cursor_reset'
uri = [
('file-simple', dict(uri='file:' + pfx, dataset=SimpleDataSet)),
('table-simple', dict(uri='table:' + pfx, dataset=SimpleDataSet)),
('table-complex', dict(uri='table:' + pfx, dataset=ComplexDataSet)),
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_stat05.py
16 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
Reported by Pylint.
Line: 32
Column: 1
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
# test_stat05.py
# Statistics cursor using size only
class test_stat_cursor_config(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
# test_stat05.py
Reported by Pylint.
Line: 32
Column: 1
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
# test_stat05.py
# Statistics cursor using size only
class test_stat_cursor_config(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
Reported by Pylint.
Line: 32
Column: 1
import itertools, wiredtiger, wttest
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
from wiredtiger import stat
from wtdataset import SimpleDataSet, ComplexDataSet, ComplexLSMDataSet
# test_stat05.py
# Statistics cursor using size only
class test_stat_cursor_config(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 37
Column: 1
# test_stat05.py
# Statistics cursor using size only
class test_stat_cursor_config(wttest.WiredTigerTestCase):
pfx = 'test_stat_cursor_size'
conn_config = 'statistics=(fast)'
uri = [
('file', dict(uri='file:' + pfx, dataset=SimpleDataSet, cfg='')),
Reported by Pylint.
src/third_party/boost/boost/chrono/io_v1/chrono_io.hpp
16 issues
Line: 314
Column: 28
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
if (!is.good() || (x != '/'))
{
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
is.setstate(is.failbit);
return is;
}
i = in_iterator(is);
if (*i != ']')
{
Reported by FlawFinder.
Line: 321
Column: 28
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
if (*i != ']')
{
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
is.setstate(is.failbit);
return is;
}
++i;
const std::basic_string<CharT> units[] =
{
Reported by FlawFinder.
Line: 337
Column: 24
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
//~ std::use_facet<std::ctype<CharT> >(loc),
err);
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
is.setstate(err);
switch ((k - units) / 3)
{
case 0:
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
break;
Reported by FlawFinder.
Line: 344
Column: 28
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
break;
default:
is.setstate(err);
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
return is;
}
}
else
Reported by FlawFinder.
Line: 499
Column: 28
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
break;
default:
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
is.setstate(err|is.failbit);
return is;
}
}
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
// unit is num/den
Reported by FlawFinder.
Line: 518
Column: 24
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
{
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
// (num/den) / Period overflows
is.setstate(err|is.failbit);
return is;
}
num *= d2;
den *= n2;
Reported by FlawFinder.
Line: 531
Column: 22
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
if (!chrono_detail::reduce(r, den, err))
{
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
is.setstate(err|is.failbit);
return is;
}
//if (r > ((duration_values<common_type_t>::max)() / num))
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
Reported by FlawFinder.
Line: 541
Column: 24
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
{
// Conversion to Period overflowed
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
is.setstate(err|is.failbit);
return is;
}
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
common_type_t t = r * num;
t /= den;
Reported by FlawFinder.
Line: 556
Column: 24
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
{
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
// Conversion to Period overflowed
is.setstate(err|is.failbit);
return is;
}
}
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
// Success! Store it.
Reported by FlawFinder.
Line: 563
Column: 20
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
// Success! Store it.
d = duration<Rep, Period>(Rep(t));
is.setstate(err);
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
return is;
}
else {
//std::cerr << __FILE__ << "[" << __LINE__ << "]"<< std::endl;
Reported by FlawFinder.
src/third_party/gperftools/dist/src/heap-profiler.cc
16 issues
Line: 279
Column: 7
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (FLAGS_heap_profile_allocation_interval > 0 &&
total.alloc_size >=
last_dump_alloc + FLAGS_heap_profile_allocation_interval) {
snprintf(buf, sizeof(buf), ("%" PRId64 " MB allocated cumulatively, "
"%" PRId64 " MB currently in use"),
total.alloc_size >> 20, inuse_bytes >> 20);
need_to_dump = true;
} else if (FLAGS_heap_profile_deallocation_interval > 0 &&
total.free_size >=
Reported by FlawFinder.
Line: 286
Column: 7
CWE codes:
134
Suggestion:
Use a constant for the format specification
} else if (FLAGS_heap_profile_deallocation_interval > 0 &&
total.free_size >=
last_dump_free + FLAGS_heap_profile_deallocation_interval) {
snprintf(buf, sizeof(buf), ("%" PRId64 " MB freed cumulatively, "
"%" PRId64 " MB currently in use"),
total.free_size >> 20, inuse_bytes >> 20);
need_to_dump = true;
} else if (FLAGS_heap_profile_inuse_interval > 0 &&
inuse_bytes >
Reported by FlawFinder.
Line: 603
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
const int64 inuse_bytes = total.alloc_size - total.free_size;
if ((inuse_bytes >> 20) > 0) {
snprintf(buf, sizeof(buf), ("Exiting, %" PRId64 " MB in use"),
inuse_bytes >> 20);
} else if ((inuse_bytes >> 10) > 0) {
snprintf(buf, sizeof(buf), ("Exiting, %" PRId64 " kB in use"),
inuse_bytes >> 10);
} else {
Reported by FlawFinder.
Line: 606
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
snprintf(buf, sizeof(buf), ("Exiting, %" PRId64 " MB in use"),
inuse_bytes >> 20);
} else if ((inuse_bytes >> 10) > 0) {
snprintf(buf, sizeof(buf), ("Exiting, %" PRId64 " kB in use"),
inuse_bytes >> 10);
} else {
snprintf(buf, sizeof(buf), ("Exiting, %" PRId64 " bytes in use"),
inuse_bytes);
}
Reported by FlawFinder.
Line: 609
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
snprintf(buf, sizeof(buf), ("Exiting, %" PRId64 " kB in use"),
inuse_bytes >> 10);
} else {
snprintf(buf, sizeof(buf), ("Exiting, %" PRId64 " bytes in use"),
inuse_bytes);
}
} else {
snprintf(buf, sizeof(buf), ("Exiting"));
}
Reported by FlawFinder.
Line: 613
Column: 7
CWE codes:
134
Suggestion:
Use a constant for the format specification
inuse_bytes);
}
} else {
snprintf(buf, sizeof(buf), ("Exiting"));
}
HeapProfilerDump(buf);
}
};
Reported by FlawFinder.
Line: 576
Column: 29
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
#endif
char *signal_number_str = getenv("HEAPPROFILESIGNAL");
if (signal_number_str != NULL) {
long int signal_number = strtol(signal_number_str, NULL, 10);
intptr_t old_signal_handler = reinterpret_cast<intptr_t>(signal(signal_number, HeapProfilerDumpSignal));
if (old_signal_handler == reinterpret_cast<intptr_t>(SIG_ERR)) {
RAW_LOG(FATAL, "Failed to set signal. Perhaps signal number %s is invalid\n", signal_number_str);
Reported by FlawFinder.
Line: 232
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
dumping = true;
// Make file name
char file_name[1000];
dump_count++;
snprintf(file_name, sizeof(file_name), "%s.%04d%s",
filename_prefix, dump_count, HeapProfileTable::kFileExt);
// Dump the profile
Reported by FlawFinder.
Line: 274
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const HeapProfileTable::Stats& total = heap_profile->total();
const int64 inuse_bytes = total.alloc_size - total.free_size;
bool need_to_dump = false;
char buf[128];
if (FLAGS_heap_profile_allocation_interval > 0 &&
total.alloc_size >=
last_dump_alloc + FLAGS_heap_profile_allocation_interval) {
snprintf(buf, sizeof(buf), ("%" PRId64 " MB allocated cumulatively, "
Reported by FlawFinder.
Line: 485
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
RAW_DCHECK(filename_prefix == NULL, "");
const int prefix_length = strlen(prefix);
filename_prefix = reinterpret_cast<char*>(ProfilerMalloc(prefix_length + 1));
memcpy(filename_prefix, prefix, prefix_length);
filename_prefix[prefix_length] = '\0';
}
extern "C" int IsHeapProfilerRunning() {
SpinLockHolder l(&heap_lock);
Reported by FlawFinder.
src/third_party/boost/boost/asio/read.hpp
16 issues
Line: 78
Column: 13
CWE codes:
120
20
* boost::asio::transfer_all()); @endcode
*/
template <typename SyncReadStream, typename MutableBufferSequence>
std::size_t read(SyncReadStream& s, const MutableBufferSequence& buffers,
typename constraint<
is_mutable_buffer_sequence<MutableBufferSequence>::value
>::type = 0);
/// Attempt to read a certain amount of data from a stream before returning.
Reported by FlawFinder.
Line: 120
Column: 13
CWE codes:
120
20
* boost::asio::transfer_all(), ec); @endcode
*/
template <typename SyncReadStream, typename MutableBufferSequence>
std::size_t read(SyncReadStream& s, const MutableBufferSequence& buffers,
boost::system::error_code& ec,
typename constraint<
is_mutable_buffer_sequence<MutableBufferSequence>::value
>::type = 0);
Reported by FlawFinder.
Line: 174
Column: 13
CWE codes:
120
20
*/
template <typename SyncReadStream, typename MutableBufferSequence,
typename CompletionCondition>
std::size_t read(SyncReadStream& s, const MutableBufferSequence& buffers,
CompletionCondition completion_condition,
typename constraint<
is_mutable_buffer_sequence<MutableBufferSequence>::value
>::type = 0);
Reported by FlawFinder.
Line: 221
Column: 13
CWE codes:
120
20
*/
template <typename SyncReadStream, typename MutableBufferSequence,
typename CompletionCondition>
std::size_t read(SyncReadStream& s, const MutableBufferSequence& buffers,
CompletionCondition completion_condition, boost::system::error_code& ec,
typename constraint<
is_mutable_buffer_sequence<MutableBufferSequence>::value
>::type = 0);
Reported by FlawFinder.
Line: 257
Column: 13
CWE codes:
120
20
* boost::asio::transfer_all()); @endcode
*/
template <typename SyncReadStream, typename DynamicBuffer_v1>
std::size_t read(SyncReadStream& s,
BOOST_ASIO_MOVE_ARG(DynamicBuffer_v1) buffers,
typename constraint<
is_dynamic_buffer_v1<typename decay<DynamicBuffer_v1>::type>::value
>::type = 0,
typename constraint<
Reported by FlawFinder.
Line: 293
Column: 13
CWE codes:
120
20
* boost::asio::transfer_all(), ec); @endcode
*/
template <typename SyncReadStream, typename DynamicBuffer_v1>
std::size_t read(SyncReadStream& s,
BOOST_ASIO_MOVE_ARG(DynamicBuffer_v1) buffers,
boost::system::error_code& ec,
typename constraint<
is_dynamic_buffer_v1<typename decay<DynamicBuffer_v1>::type>::value
>::type = 0,
Reported by FlawFinder.
Line: 341
Column: 13
CWE codes:
120
20
*/
template <typename SyncReadStream, typename DynamicBuffer_v1,
typename CompletionCondition>
std::size_t read(SyncReadStream& s,
BOOST_ASIO_MOVE_ARG(DynamicBuffer_v1) buffers,
CompletionCondition completion_condition,
typename constraint<
is_dynamic_buffer_v1<typename decay<DynamicBuffer_v1>::type>::value
>::type = 0,
Reported by FlawFinder.
Line: 390
Column: 13
CWE codes:
120
20
*/
template <typename SyncReadStream, typename DynamicBuffer_v1,
typename CompletionCondition>
std::size_t read(SyncReadStream& s,
BOOST_ASIO_MOVE_ARG(DynamicBuffer_v1) buffers,
CompletionCondition completion_condition, boost::system::error_code& ec,
typename constraint<
is_dynamic_buffer_v1<typename decay<DynamicBuffer_v1>::type>::value
>::type = 0,
Reported by FlawFinder.
Line: 430
Column: 13
CWE codes:
120
20
* boost::asio::transfer_all()); @endcode
*/
template <typename SyncReadStream, typename Allocator>
std::size_t read(SyncReadStream& s, basic_streambuf<Allocator>& b);
/// Attempt to read a certain amount of data from a stream before returning.
/**
* This function is used to read a certain number of bytes of data from a
* stream. The call will block until one of the following conditions is true:
Reported by FlawFinder.
Line: 459
Column: 13
CWE codes:
120
20
* boost::asio::transfer_all(), ec); @endcode
*/
template <typename SyncReadStream, typename Allocator>
std::size_t read(SyncReadStream& s, basic_streambuf<Allocator>& b,
boost::system::error_code& ec);
/// Attempt to read a certain amount of data from a stream before returning.
/**
* This function is used to read a certain number of bytes of data from a
Reported by FlawFinder.
src/third_party/wiredtiger/test/3rdparty/python-subunit-0.0.16/python/subunit/iso8601.py
16 issues
Line: 51
Column: 5
minus = "-".encode('latin-1')
if sys.version_info < (3, 0):
bytes = str
class ParseError(Exception):
"""Raised when there is a problem parsing a date string"""
Reported by Pylint.
Line: 2
Column: 2
# Copyright (c) 2007 Michael Twomey
#
# Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
Reported by Pylint.
Line: 10
Column: 2
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
#
# The above copyright notice and this permission notice shall be included
# in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
Reported by Pylint.
Line: 13
Column: 2
#
# The above copyright notice and this permission notice shall be included
# in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
Reported by Pylint.
Line: 40
Column: 1
# Adapted from http://delete.me.uk/2005/03/iso8601.html
ISO8601_REGEX_PATTERN = (r"(?P<year>[0-9]{4})(-(?P<month>[0-9]{1,2})(-(?P<day>[0-9]{1,2})"
r"((?P<separator>.)(?P<hour>[0-9]{2}):(?P<minute>[0-9]{2})(:(?P<second>[0-9]{2})(\.(?P<fraction>[0-9]+))?)?"
r"(?P<timezone>Z|(([-+])([0-9]{2}):([0-9]{2})))?)?)?)?"
)
TIMEZONE_REGEX_PATTERN = "(?P<prefix>[+-])(?P<hours>[0-9]{2}).(?P<minutes>[0-9]{2})"
ISO8601_REGEX = re.compile(ISO8601_REGEX_PATTERN.encode('utf8'))
TIMEZONE_REGEX = re.compile(TIMEZONE_REGEX_PATTERN.encode('utf8'))
Reported by Pylint.
Line: 47
Column: 1
ISO8601_REGEX = re.compile(ISO8601_REGEX_PATTERN.encode('utf8'))
TIMEZONE_REGEX = re.compile(TIMEZONE_REGEX_PATTERN.encode('utf8'))
zulu = "Z".encode('latin-1')
minus = "-".encode('latin-1')
if sys.version_info < (3, 0):
bytes = str
Reported by Pylint.
Line: 48
Column: 1
TIMEZONE_REGEX = re.compile(TIMEZONE_REGEX_PATTERN.encode('utf8'))
zulu = "Z".encode('latin-1')
minus = "-".encode('latin-1')
if sys.version_info < (3, 0):
bytes = str
Reported by Pylint.
Line: 51
Column: 5
minus = "-".encode('latin-1')
if sys.version_info < (3, 0):
bytes = str
class ParseError(Exception):
"""Raised when there is a problem parsing a date string"""
Reported by Pylint.
Line: 61
Column: 1
ZERO = timedelta(0)
class Utc(tzinfo):
"""UTC
"""
def utcoffset(self, dt):
return ZERO
def tzname(self, dt):
Reported by Pylint.
Line: 75
Column: 1
class FixedOffset(tzinfo):
"""Fixed offset in hours and minutes from UTC
"""
def __init__(self, offset_hours, offset_minutes, name):
self.__offset = timedelta(hours=offset_hours, minutes=offset_minutes)
self.__name = name
Reported by Pylint.
src/mongo/db/storage/ephemeral_for_test/ephemeral_for_test_sorted_impl.cpp
16 issues
Line: 102
Column: 14
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
public:
UniqueIndexData() : _size(0), _begin(nullptr), _end(nullptr), _keyFormat(KeyFormat::Long) {}
UniqueIndexData(const std::string& indexData, KeyFormat keyFormat) {
std::memcpy(&_size, indexData.data(), sizeof(uint64_t));
_begin = reinterpret_cast<const uint8_t*>(indexData.data() + sizeof(uint64_t));
_end = reinterpret_cast<const uint8_t*>(indexData.data() + indexData.size());
_keyFormat = keyFormat;
}
Reported by FlawFinder.
Line: 179
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t IndexDataEntry::size() const {
// [RecordId size, RecordId, TypeBits size, TypeBits]
size_t ridSize;
std::memcpy(&ridSize, _buffer, sizeof(size_t));
int len = sizeof(size_t) + ridSize;
size_t typeBitsSize;
std::memcpy(&typeBitsSize, _buffer + len, sizeof(size_t));
Reported by FlawFinder.
Line: 183
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int len = sizeof(size_t) + ridSize;
size_t typeBitsSize;
std::memcpy(&typeBitsSize, _buffer + len, sizeof(size_t));
len += sizeof(size_t) + typeBitsSize;
return len;
}
Reported by FlawFinder.
Line: 192
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
RecordId IndexDataEntry::loc() const {
// [RecordId size, RecordId, TypeBits size, TypeBits]
size_t ridSize;
std::memcpy(&ridSize, _buffer, sizeof(size_t));
const uint8_t* ridStart = _buffer + sizeof(size_t);
if (KeyFormat::Long == _keyFormat) {
int64_t repr;
std::memcpy(&repr, ridStart, ridSize);
return RecordId(repr);
Reported by FlawFinder.
Line: 196
Column: 14
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const uint8_t* ridStart = _buffer + sizeof(size_t);
if (KeyFormat::Long == _keyFormat) {
int64_t repr;
std::memcpy(&repr, ridStart, ridSize);
return RecordId(repr);
} else {
return RecordId(reinterpret_cast<const char*>(ridStart), ridSize);
}
}
Reported by FlawFinder.
Line: 206
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
KeyString::TypeBits IndexDataEntry::typeBits() const {
// [RecordId size, RecordId, TypeBits size, TypeBits]
size_t ridSize;
std::memcpy(&ridSize, _buffer, sizeof(size_t));
int len = sizeof(size_t) + ridSize;
size_t typeBitsSize;
std::memcpy(&typeBitsSize, _buffer + len, sizeof(size_t));
Reported by FlawFinder.
Line: 210
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int len = sizeof(size_t) + ridSize;
size_t typeBitsSize;
std::memcpy(&typeBitsSize, _buffer + len, sizeof(size_t));
len += sizeof(size_t);
BufReader reader(_buffer + len, typeBitsSize);
return KeyString::TypeBits::fromBuffer(KeyString::Version::kLatestVersion, &reader);
Reported by FlawFinder.
Line: 263
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// Write number of entries
uint64_t num = size() + 1;
std::memcpy(pos, &num, sizeof(num));
pos += sizeof(num);
// Write old entries smaller than the new one
if (auto bytes = itBuffer - _begin) {
std::memcpy(pos, _begin, bytes);
Reported by FlawFinder.
Line: 268
Column: 14
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// Write old entries smaller than the new one
if (auto bytes = itBuffer - _begin) {
std::memcpy(pos, _begin, bytes);
pos += bytes;
}
// Write new entry
std::memcpy(pos, entry.data(), entry.size());
Reported by FlawFinder.
Line: 273
Column: 10
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
// Write new entry
std::memcpy(pos, entry.data(), entry.size());
pos += entry.size();
// Write old entries larger than the new one
if (auto bytes = _end - itBuffer) {
std::memcpy(pos, itBuffer, bytes);
Reported by FlawFinder.