The following issues were found
src/third_party/gperftools/dist/src/windows/preamble_patcher.cc
13 issues
Line: 96
Column: 7
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// relative to the next instruction.
int relative_offset; // Windows guarantees int is 4 bytes
SIDESTEP_ASSERT(sizeof(relative_offset) == 4);
memcpy(reinterpret_cast<void*>(&relative_offset),
reinterpret_cast<void*>(target + 1), 4);
new_target = target + 5 + relative_offset;
} else if (target[0] == ASM_JMP8REL) {
// Visual Studio 7.1 implements new[] as an 8 bit jump to new
signed char relative_offset;
Reported by FlawFinder.
Line: 102
Column: 7
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
} else if (target[0] == ASM_JMP8REL) {
// Visual Studio 7.1 implements new[] as an 8 bit jump to new
signed char relative_offset;
memcpy(reinterpret_cast<void*>(&relative_offset),
reinterpret_cast<void*>(target + 1), 1);
new_target = target + 2 + relative_offset;
} else if (target[0] == ASM_JMP32ABS_0 &&
target[1] == ASM_JMP32ABS_1) {
jmp32rel:
Reported by FlawFinder.
Line: 115
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (kIs64BitBinary) {
// In 64-bit mode JMPs are RIP-relative, not absolute
int target_offset;
memcpy(reinterpret_cast<void*>(&target_offset),
reinterpret_cast<void*>(target + 2), 4);
new_target_v = reinterpret_cast<void**>(target + target_offset + 6);
} else {
SIDESTEP_ASSERT(sizeof(new_target) == 4);
memcpy(&new_target_v, reinterpret_cast<void*>(target + 2), 4);
Reported by FlawFinder.
Line: 120
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
new_target_v = reinterpret_cast<void**>(target + target_offset + 6);
} else {
SIDESTEP_ASSERT(sizeof(new_target) == 4);
memcpy(&new_target_v, reinterpret_cast<void*>(target + 2), 4);
}
new_target = reinterpret_cast<unsigned char*>(*new_target_v);
} else if (kIs64BitBinary && target[0] == ASM_REXW
&& target[1] == ASM_JMP32ABS_0
&& target[2] == ASM_JMP32ABS_1) {
Reported by FlawFinder.
Line: 390
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return SIDESTEP_UNSUPPORTED_INSTRUCTION;
}
} else {
memcpy(reinterpret_cast<void*>(target + target_bytes),
reinterpret_cast<void*>(reinterpret_cast<unsigned char*>(
original_function_stub) + preamble_bytes), cur_bytes);
target_bytes += cur_bytes;
}
} else {
Reported by FlawFinder.
Line: 616
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
//
// 0f 8x xx xx xx xx = Jcc rel32off
unsigned short jmpcode = ((0x80 | (source[0] & 0xf)) << 8) | 0x0f;
memcpy(reinterpret_cast<void*>(target),
reinterpret_cast<void*>(&jmpcode), 2);
memcpy(reinterpret_cast<void*>(target + 2),
reinterpret_cast<void*>(&fixup_jump_offset), 4);
}
Reported by FlawFinder.
Line: 618
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
unsigned short jmpcode = ((0x80 | (source[0] & 0xf)) << 8) | 0x0f;
memcpy(reinterpret_cast<void*>(target),
reinterpret_cast<void*>(&jmpcode), 2);
memcpy(reinterpret_cast<void*>(target + 2),
reinterpret_cast<void*>(&fixup_jump_offset), 4);
}
return SIDESTEP_SUCCESS;
}
Reported by FlawFinder.
Line: 648
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
//
// e9 xx xx xx xx = jmp rel32off
target[0] = 0xe9;
memcpy(reinterpret_cast<void*>(target + 1),
reinterpret_cast<void*>(&fixup_jump_offset), 4);
}
return SIDESTEP_SUCCESS;
}
Reported by FlawFinder.
Line: 683
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
(source[1] & ASM_JCC32REL_1_MASK) == ASM_JCC32REL_1_MASK) {
unsigned short jmpcode = (static_cast<unsigned char>(
fixup_jump_offset) << 8) | (0x70 | (source[1] & 0xf));
memcpy(reinterpret_cast<void*>(target),
reinterpret_cast<void*>(&jmpcode),
2);
} else {
target[0] = ASM_JMP8REL;
target[1] = static_cast<unsigned char>(fixup_jump_offset);
Reported by FlawFinder.
Line: 694
Column: 7
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
} else {
*target_bytes = instruction_size;
if (target_size > *target_bytes) {
memcpy(reinterpret_cast<void*>(target),
reinterpret_cast<void*>(source),
jmp_offset_in_instruction);
memcpy(reinterpret_cast<void*>(target + jmp_offset_in_instruction),
reinterpret_cast<void*>(&fixup_jump_offset),
4);
Reported by FlawFinder.
jstests/client_encrypt/lib/kms_http_common.py
13 issues
Line: 79
Column: 9
@abstractmethod
def do_POST(self):
"""Serve a POST request."""
# Placeholder body: concrete handlers are expected to override this method.
# NOTE(review): @abstractmethod is only enforced when the class uses an
# ABCMeta metaclass. KmsHandlerBase is declared on this page as a plain
# subclass of http.server.BaseHTTPRequestHandler, so a subclass that forgets
# to override do_POST would still instantiate -- confirm against the full file.
pass
def _send_reply(self, data, status=http.HTTPStatus.OK):
print("Sending Response: " + data.decode())
self.send_response(status)
Reported by Pylint.
Line: 118
Column: 9
self.wfile.write(str(stats).encode('utf-8'))
def _do_disable_faults(self):
# Set the module-level disable_faults flag to True, then call _send_header().
# The flag is module state shared by every handler instance; the `global`
# statement is what the finding at this line/column points at.
# NOTE(review): nothing in this excerpt restricts who may call this handler;
# presumably acceptable for a test-only mock KMS server -- confirm it is
# never bound to a non-loopback address.
global disable_faults
disable_faults = True
self._send_header()
def _do_enable_faults(self):
global disable_faults
Reported by Pylint.
Line: 123
Column: 9
self._send_header()
def _do_enable_faults(self):
# Set the module-level disable_faults flag back to False, then call
# _send_header(). The flag is module state shared by every handler instance.
# NOTE(review): nothing in this excerpt restricts who may call this handler;
# presumably acceptable for a test-only mock KMS server -- confirm it is
# never bound to a non-loopback address.
global disable_faults
disable_faults = False
self._send_header()
def run(port, cert_file, ca_file, handler_class, server_class=http.server.HTTPServer):
Reported by Pylint.
Line: 134
Column: 20
httpd = server_class(server_address, handler_class)
httpd.socket = ssl.wrap_socket(httpd.socket,
certfile=cert_file,
ca_certs=ca_file, server_side=True)
print(f"Mock KMS Web Server Listening on {str(server_address)}")
Reported by Pylint.
Line: 40
Column: 1
FAULT_OAUTH_CORRECT_FORMAT = "fault_oauth_correct_format"
class Stats:
"""Stats class shared between client and server."""
def __init__(self):
self.encrypt_calls = 0
self.decrypt_calls = 0
Reported by Pylint.
Line: 56
Column: 1
})
class KmsHandlerBase(http.server.BaseHTTPRequestHandler):
protocol_version = "HTTP/1.1"
def do_GET(self):
"""Serve a Test GET request."""
print("Received GET: " + self.path)
Reported by Pylint.
Line: 59
Column: 5
class KmsHandlerBase(http.server.BaseHTTPRequestHandler):
protocol_version = "HTTP/1.1"
def do_GET(self):
"""Serve a Test GET request."""
print("Received GET: " + self.path)
parts = urllib.parse.urlsplit(self.path)
path = parts[2]
Reported by Pylint.
Line: 77
Column: 5
self.wfile.write("Unknown URL".encode())
@abstractmethod
def do_POST(self):
"""Serve a POST request."""
# Placeholder body: concrete handlers are expected to override this method.
# NOTE(review): @abstractmethod is only enforced when the class uses an
# ABCMeta metaclass. KmsHandlerBase is declared on this page as a plain
# subclass of http.server.BaseHTTPRequestHandler, so a subclass that forgets
# to override do_POST would still instantiate -- confirm against the full file.
pass
def _send_reply(self, data, status=http.HTTPStatus.OK):
print("Sending Response: " + data.decode())
Reported by Pylint.
Line: 118
Column: 9
self.wfile.write(str(stats).encode('utf-8'))
def _do_disable_faults(self):
# Set the module-level disable_faults flag to True, then call _send_header().
# The flag is module state shared by every handler instance; the `global`
# statement is what the finding at this line/column points at.
# NOTE(review): nothing in this excerpt restricts who may call this handler;
# presumably acceptable for a test-only mock KMS server -- confirm it is
# never bound to a non-loopback address.
global disable_faults
disable_faults = True
self._send_header()
def _do_enable_faults(self):
global disable_faults
Reported by Pylint.
Line: 123
Column: 9
self._send_header()
def _do_enable_faults(self):
# Set the module-level disable_faults flag back to False, then call
# _send_header(). The flag is module state shared by every handler instance.
# NOTE(review): nothing in this excerpt restricts who may call this handler;
# presumably acceptable for a test-only mock KMS server -- confirm it is
# never bound to a non-loopback address.
global disable_faults
disable_faults = False
self._send_header()
def run(port, cert_file, ca_file, handler_class, server_class=http.server.HTTPServer):
Reported by Pylint.
src/third_party/mozjs-60/extract/js/src/wasm/WasmBinaryToText.cpp
13 issues
Line: 71
Column: 33
CWE codes:
126
c.buffer.stringBuffer().clear();
return c.buffer.append("There was a problem when rendering the wasm text format: ") &&
c.buffer.append(msg, strlen(msg)) &&
c.buffer.append("\nYou should consider file a bug on Bugzilla in the "
"Core:::JavaScript Engine::JIT component at "
"https://bugzilla.mozilla.org/enter_bug.cgi.");
}
Reported by FlawFinder.
Line: 559
Column: 35
CWE codes:
126
default: return Fail(c, "unexpected unary operator");
}
return c.buffer.append(opStr, strlen(opStr));
}
static bool
RenderBinaryOperator(WasmRenderContext& c, AstBinaryOperator& binary)
{
Reported by FlawFinder.
Line: 623
Column: 35
CWE codes:
126
default: return Fail(c, "unexpected binary operator");
}
return c.buffer.append(opStr, strlen(opStr));
}
static bool
RenderTernaryOperator(WasmRenderContext& c, AstTernaryOperator& ternary)
{
Reported by FlawFinder.
Line: 646
Column: 35
CWE codes:
126
default: return Fail(c, "unexpected ternary operator");
}
return c.buffer.append(opStr, strlen(opStr));
}
static bool
RenderComparisonOperator(WasmRenderContext& c, AstComparisonOperator& comp)
{
Reported by FlawFinder.
Line: 698
Column: 35
CWE codes:
126
default: return Fail(c, "unexpected comparison operator");
}
return c.buffer.append(opStr, strlen(opStr));
}
static bool
RenderConversionOperator(WasmRenderContext& c, AstConversionOperator& conv)
{
Reported by FlawFinder.
Line: 749
Column: 35
CWE codes:
126
case Op::I64Eqz: opStr = "i64.eqz"; break;
default: return Fail(c, "unexpected conversion operator");
}
return c.buffer.append(opStr, strlen(opStr));
}
#ifdef ENABLE_WASM_SATURATING_TRUNC_OPS
static bool
RenderExtraConversionOperator(WasmRenderContext& c, AstExtraConversionOperator& conv)
Reported by FlawFinder.
Line: 775
Column: 35
CWE codes:
126
case NumericOp::I64TruncUSatF64: opStr = "i64.trunc_u:sat/f64"; break;
default: return Fail(c, "unexpected extra conversion operator");
}
return c.buffer.append(opStr, strlen(opStr));
}
#endif
static bool
RenderIf(WasmRenderContext& c, AstIf& if_)
Reported by FlawFinder.
Line: 1102
Column: 34
CWE codes:
126
default: return Fail(c, "unexpected cmpxchg operator");
}
if (!c.buffer.append(opname, strlen(opname)))
return false;
return RenderLoadStoreAddress(c, cmpxchg.address(), 0);
}
Reported by FlawFinder.
Line: 1130
Column: 34
CWE codes:
126
default: return Fail(c, "unexpected load operator");
}
if (!c.buffer.append(opname, strlen(opname)))
return false;
return RenderLoadStoreAddress(c, load.address(), 0);
}
Reported by FlawFinder.
Line: 1196
Column: 34
CWE codes:
126
default: return Fail(c, "unexpected rmw operator");
}
if (!c.buffer.append(opname, strlen(opname)))
return false;
return RenderLoadStoreAddress(c, rmw.address(), 0);
}
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/vm/TraceLoggingGraph.cpp
13 issues
Line: 83
Column: 35
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
filename.reset((char*) js_malloc(len));
if (!filename)
return nullptr;
char* rest = filename.get() + sprintf(filename.get(), "%s/", outdir);
va_start(ap, pattern);
int ret = vsnprintf(rest, len, pattern, ap);
va_end(ap);
if (ret < 0)
Reported by FlawFinder.
Line: 86
Column: 15
CWE codes:
134
Suggestion:
Use a constant for the format specification
char* rest = filename.get() + sprintf(filename.get(), "%s/", outdir);
va_start(ap, pattern);
int ret = vsnprintf(rest, len, pattern, ap);
va_end(ap);
if (ret < 0)
return nullptr;
MOZ_ASSERT(size_t(ret) <= len - (strlen(outdir) + 1),
Reported by FlawFinder.
Line: 61
Column: 51
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
va_list ap;
static const char* outdir = getenv("TLDIR") ? getenv("TLDIR") : DEFAULT_TRACE_LOG_DIR;
size_t len = strlen(outdir) + 1; // "+ 1" is for the '/'
for (const char* p = pattern; *p; p++) {
if (*p == '%') {
p++;
Reported by FlawFinder.
Line: 61
Column: 33
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
va_list ap;
static const char* outdir = getenv("TLDIR") ? getenv("TLDIR") : DEFAULT_TRACE_LOG_DIR;
size_t len = strlen(outdir) + 1; // "+ 1" is for the '/'
for (const char* p = pattern; *p; p++) {
if (*p == '%') {
p++;
Reported by FlawFinder.
Line: 103
Column: 11
CWE codes:
362
pid_ = (uint32_t) getpid();
js::UniqueChars filename = AllocTraceLogFilename("tl-data.%u.json", pid_);
out = fopen(filename.get(), "w");
if (!out) {
fprintf(stderr, "warning: failed to create TraceLogger output file %s\n", filename.get());
return false;
}
Reported by FlawFinder.
Line: 114
Column: 22
CWE codes:
362
// Write the latest tl-data.*.json file to tl-data.json.
// In most cases that is the wanted file.
js::UniqueChars masterFilename = AllocTraceLogFilename("tl-data.json");
if (FILE* last = fopen(masterFilename.get(), "w")) {
char *basename = strrchr(filename.get(), '/');
basename = basename ? basename + 1 : filename.get();
fprintf(last, "\"%s\"", basename);
fclose(last);
}
Reported by FlawFinder.
Line: 166
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
pid_, numLoggers, pid_, numLoggers, pid_, numLoggers);
if (written > 0) {
char threadName[16];
js::ThisThread::GetName(threadName, sizeof(threadName));
if (threadName[0])
written = fprintf(out, ", \"threadName\":\"%s\"", threadName);
}
Reported by FlawFinder.
Line: 242
Column: 16
CWE codes:
362
uint32_t pid = traceLoggerGraphState->pid();
js::UniqueChars dictFilename = AllocTraceLogFilename("tl-dict.%u.%d.json", pid, loggerId);
dictFile = fopen(dictFilename.get(), "w");
if (!dictFile)
return false;
auto cleanupDict = MakeScopeExit([&] { fclose(dictFile); dictFile = nullptr; });
js::UniqueChars treeFilename = AllocTraceLogFilename("tl-tree.%u.%d.tl", pid, loggerId);
Reported by FlawFinder.
Line: 248
Column: 16
CWE codes:
362
auto cleanupDict = MakeScopeExit([&] { fclose(dictFile); dictFile = nullptr; });
js::UniqueChars treeFilename = AllocTraceLogFilename("tl-tree.%u.%d.tl", pid, loggerId);
treeFile = fopen(treeFilename.get(), "w+b");
if (!treeFile)
return false;
auto cleanupTree = MakeScopeExit([&] { fclose(treeFile); treeFile = nullptr; });
js::UniqueChars eventFilename = AllocTraceLogFilename("tl-event.%u.%d.tl", pid, loggerId);
Reported by FlawFinder.
Line: 254
Column: 17
CWE codes:
362
auto cleanupTree = MakeScopeExit([&] { fclose(treeFile); treeFile = nullptr; });
js::UniqueChars eventFilename = AllocTraceLogFilename("tl-event.%u.%d.tl", pid, loggerId);
eventFile = fopen(eventFilename.get(), "wb");
if (!eventFile)
return false;
auto cleanupEvent = MakeScopeExit([&] { fclose(eventFile); eventFile = nullptr; });
// Create the top tree node and corresponding first stack item.
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_util09.py
13 issues
Line: 31
Column: 1
import os, struct
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util09.py
# Utilities: wt loadtext
class test_util09(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util09.a'
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import os, struct
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util09.py
# Utilities: wt loadtext
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import os, struct
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util09.py
# Utilities: wt loadtext
Reported by Pylint.
Line: 31
Column: 1
import os, struct
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util09.py
# Utilities: wt loadtext
class test_util09(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util09.a'
Reported by Pylint.
Line: 40
Column: 29
nentries = 1000
session_params = 'key_format=S,value_format=S'
def populate_file(self, filename, low, high):
"""
Insert some simple key // value lines into the file
"""
keys = {}
with open("loadtext.in", "w") as f:
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import os, struct
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util09.py
# Utilities: wt loadtext
Reported by Pylint.
Line: 31
Column: 1
import os, struct
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util09.py
# Utilities: wt loadtext
class test_util09(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util09.a'
Reported by Pylint.
Line: 31
Column: 1
import os, struct
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
# test_util09.py
# Utilities: wt loadtext
class test_util09(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util09.a'
Reported by Pylint.
Line: 35
Column: 1
# test_util09.py
# Utilities: wt loadtext
class test_util09(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_util09.a'
nentries = 1000
session_params = 'key_format=S,value_format=S'
def populate_file(self, filename, low, high):
Reported by Pylint.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Tool/linkloc.py
13 issues
Line: 37
Column: 1
__revision__ = "src/engine/SCons/Tool/linkloc.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import os.path
import re
import SCons.Action
import SCons.Defaults
import SCons.Errors
Reported by Pylint.
Line: 35
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
__revision__ = "src/engine/SCons/Tool/linkloc.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import os.path
import re
import SCons.Action
Reported by Pylint.
Line: 51
Column: 1
_re_linker_command = re.compile(r'(\s)@\s*([^\s]+)')
def repl_linker_command(m):
# Replaces any linker command file directives (e.g. "@foo.lnk") with
# the actual contents of the file.
try:
with open(m.group(2), "r") as f:
return m.group(1) + f.read()
Reported by Pylint.
Line: 51
Column: 1
_re_linker_command = re.compile(r'(\s)@\s*([^\s]+)')
def repl_linker_command(m):
# Replaces any linker command file directives (e.g. "@foo.lnk") with
# the actual contents of the file.
try:
with open(m.group(2), "r") as f:
return m.group(1) + f.read()
Reported by Pylint.
Line: 55
Column: 39
# Replaces any linker command file directives (e.g. "@foo.lnk") with
# the actual contents of the file.
try:
with open(m.group(2), "r") as f:
return m.group(1) + f.read()
except IOError:
# the linker should return an error if it can't
# find the linker command file so we will remain quiet.
# However, we will replace the @ with a # so we will not continue
Reported by Pylint.
Line: 64
Column: 1
# to find it with recursive substitution
return m.group(1) + '#' + m.group(2)
class LinklocGenerator(object):
def __init__(self, cmdline):
self.cmdline = cmdline
def __call__(self, env, target, source, for_signature):
if for_signature:
Reported by Pylint.
Line: 64
Column: 1
# to find it with recursive substitution
return m.group(1) + '#' + m.group(2)
class LinklocGenerator(object):
def __init__(self, cmdline):
self.cmdline = cmdline
def __call__(self, env, target, source, for_signature):
if for_signature:
Reported by Pylint.
Line: 64
Column: 1
# to find it with recursive substitution
return m.group(1) + '#' + m.group(2)
class LinklocGenerator(object):
def __init__(self, cmdline):
self.cmdline = cmdline
def __call__(self, env, target, source, for_signature):
if for_signature:
Reported by Pylint.
Line: 69
Column: 9
self.cmdline = cmdline
def __call__(self, env, target, source, for_signature):
if for_signature:
# Expand the contents of any linker command files recursively
subs = 1
strsub = env.subst(self.cmdline, target=target, source=source)
while subs:
strsub, subs = _re_linker_command.subn(repl_linker_command, strsub)
Reported by Pylint.
Line: 87
Column: 1
env['SUBST_CMD_FILE'] = LinklocGenerator
env['SHLINK'] = '$LINK'
env['SHLINKFLAGS'] = SCons.Util.CLVar('$LINKFLAGS')
env['SHLINKCOM'] = '${SUBST_CMD_FILE("$SHLINK $SHLINKFLAGS $_LIBDIRFLAGS $_LIBFLAGS -dll $TARGET $SOURCES")}'
env['SHLIBEMITTER']= None
env['LDMODULEEMITTER']= None
env['LINK'] = "linkloc"
env['LINKFLAGS'] = SCons.Util.CLVar('')
env['LINKCOM'] = '${SUBST_CMD_FILE("$LINK $LINKFLAGS $_LIBDIRFLAGS $_LIBFLAGS -exe $TARGET $SOURCES")}'
Reported by Pylint.
src/third_party/mozjs-60/extract/js/src/vm/JSContext.cpp
13 issues
Line: 354
* Furthermore, callers of ReportOutOfMemory (viz., malloc) assume a GC does
* not occur, so GC must be avoided or suppressed.
*/
JS_FRIEND_API(void)
js::ReportOutOfMemory(JSContext* cx)
{
#ifdef JS_MORE_DETERMINISTIC
/*
* OOMs are non-deterministic, especially across different execution modes
Reported by Cppcheck.
Line: 854
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
char* message = cx->pod_malloc<char>(nbytes);
if (!message)
return false;
snprintf(message, nbytes, defaultErrorMessage, errorNumber);
reportp->initOwnedMessage(message);
}
return true;
}
Reported by FlawFinder.
Line: 1475
Column: 9
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
#if !defined(ANDROID)
return false;
#else // ANDROID
if (getenv("JS_IGNORE_JIT_BROKENNESS")) {
return false;
}
std::string line;
Reported by FlawFinder.
Line: 1001
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void
js::ReportMissingArg(JSContext* cx, HandleValue v, unsigned arg)
{
char argbuf[11];
UniqueChars bytes;
SprintfLiteral(argbuf, "%u", arg);
if (IsFunctionObject(v)) {
RootedAtom name(cx, v.toObject().as<JSFunction>().explicitName());
Reported by FlawFinder.
Line: 1659
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Report an out-of-memory condition that cannot be handled and crash.
 *
 * |reason| is a NUL-terminated description. It is formatted into a local
 * buffer behind the "[unhandlable oom] " prefix and handed to
 * MOZ_ReportAssertionFailure before MOZ_CRASH() is reached.
 */
void
AutoEnterOOMUnsafeRegion::crash(const char* reason)
{
// NOTE(review): FlawFinder flags this fixed-size array (CWE-119/120). The
// only write shown here goes through SprintfLiteral, which (as declared in
// mozilla/Sprintf.h -- confirm against the vendored copy) takes the array
// by reference and bounds the output to its size, so an over-long |reason|
// would be truncated rather than written past msgbuf.
char msgbuf[1024];
js::NoteIntentionalCrash();
// |reason| is passed as a %s argument, never as the format string itself.
SprintfLiteral(msgbuf, "[unhandlable oom] %s", reason);
MOZ_ReportAssertionFailure(msgbuf, __FILE__, __LINE__);
MOZ_CRASH();
}
Reported by FlawFinder.
Line: 474
Column: 43
CWE codes:
126
report.initOwnedMessage(message.release());
} else {
MOZ_ASSERT(argumentsType == ArgumentsAreLatin1);
Latin1Chars latin1(message.get(), strlen(message.get()));
UTF8CharsZ utf8(JS::CharsToNewUTF8CharsZ(cx, latin1));
if (!utf8)
return false;
report.initOwnedMessage(reinterpret_cast<const char*>(utf8.get()));
}
Reported by FlawFinder.
Line: 698
Column: 31
CWE codes:
126
MOZ_ASSERT(!argsArg);
args_[i] = va_arg(ap, char*);
MOZ_ASSERT_IF(typeArg == ArgumentsAreASCII, JS::StringIsASCII(args_[i]));
lengths_[i] = strlen(args_[i]);
break;
}
case ArgumentsAreLatin1: {
MOZ_ASSERT(!argsArg);
const Latin1Char* latin1 = va_arg(ap, Latin1Char*);
Reported by FlawFinder.
Line: 704
Column: 30
CWE codes:
126
case ArgumentsAreLatin1: {
MOZ_ASSERT(!argsArg);
const Latin1Char* latin1 = va_arg(ap, Latin1Char*);
size_t len = strlen(reinterpret_cast<const char*>(latin1));
mozilla::Range<const Latin1Char> range(latin1, len);
char* utf8 = JS::CharsToNewUTF8CharsZ(cx, range).c_str();
if (!utf8)
return false;
Reported by FlawFinder.
Line: 711
Column: 31
CWE codes:
126
return false;
args_[i] = utf8;
lengths_[i] = strlen(utf8);
allocatedElements_ = true;
break;
}
case ArgumentsAreUnicode: {
const char16_t* uc = argsArg ? argsArg[i] : va_arg(ap, char16_t*);
Reported by FlawFinder.
Line: 724
Column: 31
CWE codes:
126
return false;
args_[i] = utf8;
lengths_[i] = strlen(utf8);
allocatedElements_ = true;
break;
}
}
totalLength_ += lengths_[i];
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_checkpoint03.py
13 issues
Line: 38
Column: 1
#
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wiredtiger import stat
from wtscenario import make_scenarios
class test_checkpoint03(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_checkpoint03'
Reported by Pylint.
Line: 39
Column: 1
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wiredtiger import stat
from wtscenario import make_scenarios
class test_checkpoint03(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_checkpoint03'
conn_config = 'statistics=(all)'
Reported by Pylint.
Line: 38
Column: 1
#
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wiredtiger import stat
from wtscenario import make_scenarios
class test_checkpoint03(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_checkpoint03'
Reported by Pylint.
Line: 40
Column: 1
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wiredtiger import stat
from wtscenario import make_scenarios
class test_checkpoint03(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_checkpoint03'
conn_config = 'statistics=(all)'
uri = 'table:' + tablename
Reported by Pylint.
Line: 48
Column: 24
uri = 'table:' + tablename
session_config = 'isolation=snapshot, '
def get_stat(self, stat):
# Open a 'statistics:' cursor on the test session, look up the entry keyed by
# `stat`, and return element [2] of that entry (presumably the numeric value
# -- confirm against the statistics cursor layout).
# NOTE(review): the parameter name shadows the module-level
# `from wiredtiger import stat` import for the duration of this method.
stat_cursor = self.session.open_cursor('statistics:')
val = stat_cursor[stat][2]
# The cursor is closed on the normal path only; there is no try/finally, so
# it stays open if the lookup above raises.
stat_cursor.close()
return val
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 38
Column: 1
#
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wiredtiger import stat
from wtscenario import make_scenarios
class test_checkpoint03(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_checkpoint03'
Reported by Pylint.
Line: 38
Column: 1
#
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wiredtiger import stat
from wtscenario import make_scenarios
class test_checkpoint03(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_checkpoint03'
Reported by Pylint.
Line: 39
Column: 1
from suite_subprocess import suite_subprocess
import wiredtiger, wttest
from wiredtiger import stat
from wtscenario import make_scenarios
class test_checkpoint03(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_checkpoint03'
conn_config = 'statistics=(all)'
Reported by Pylint.
Line: 42
Column: 1
from wiredtiger import stat
from wtscenario import make_scenarios
class test_checkpoint03(wttest.WiredTigerTestCase, suite_subprocess):
tablename = 'test_checkpoint03'
conn_config = 'statistics=(all)'
uri = 'table:' + tablename
session_config = 'isolation=snapshot, '
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_txn13.py
13 issues
Line: 37
Column: 1
#import fnmatch, os, shutil, run, time
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
Reported by Pylint.
Line: 62
Column: 5
scenarios = make_scenarios(key_format_values, size_values)
# Turn on logging for this test.
def conn_config(self):
# Build the connection configuration string: logging enabled with
# archive=false and file_max taken from self.logmax, followed by the cache
# size and eviction trigger settings.
# `%` binds tighter than `+`, so only the first literal is formatted with
# self.logmax; the second literal is appended unchanged.
return 'log=(archive=false,enabled,file_max=%s)' % self.logmax + \
',cache_size=20G,eviction_dirty_trigger=100'
@wttest.longtest('txn tests with huge values')
def test_large_values(self):
Reported by Pylint.
Line: 89
Column: 17
# EFBIG is expected: File too large
msg = '/exceeds the maximum/'
self.assertRaisesWithMessage(wiredtiger.WiredTigerError,
lambda:self.session.commit_transaction(), msg)
gotException = True
else:
self.session.commit_transaction()
self.assertTrue(gotException == self.expect_err)
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 37
Column: 1
#import fnmatch, os, shutil, run, time
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
Reported by Pylint.
Line: 37
Column: 1
#import fnmatch, os, shutil, run, time
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
Reported by Pylint.
Line: 39
Column: 1
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
# We use 8 ops here to get around the 10 operation check done by WiredTiger to determine if
# a transaction is blocking or not.
Reported by Pylint.
Line: 39
Column: 1
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
# We use 8 ops here to get around the 10 operation check done by WiredTiger to determine if
# a transaction is blocking or not.
Reported by Pylint.
Line: 62
Column: 5
scenarios = make_scenarios(key_format_values, size_values)
# Turn on logging for this test.
def conn_config(self):
# Build the connection configuration string: logging enabled with
# archive=false and file_max taken from self.logmax, followed by the cache
# size and eviction trigger settings.
# `%` binds tighter than `+`, so only the first literal is formatted with
# self.logmax; the second literal is appended unchanged.
return 'log=(archive=false,enabled,file_max=%s)' % self.logmax + \
',cache_size=20G,eviction_dirty_trigger=100'
@wttest.longtest('txn tests with huge values')
def test_large_values(self):
Reported by Pylint.
Line: 67
Column: 5
',cache_size=20G,eviction_dirty_trigger=100'
@wttest.longtest('txn tests with huge values')
def test_large_values(self):
create_params = 'key_format={},value_format=S'.format(self.key_format)
# print "Creating %s with config '%s'" % (self.uri, create_params)
# print "Running with %d" % (self.valuesize)
self.session.create(self.uri, create_params)
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_metadata_cursor03.py
13 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 61
Column: 30
c.close()
return count
def verify_logrecs(self, origcnt):
#
# Walk through all the log and make sure that creating any table
# only writes two log records to the log. The two records are the
# commit entry itself and the sync record for the metadata file.
#
Reported by Pylint.
Line: 67
Column: 9
# only writes two log records to the log. The two records are the
# commit entry itself and the sync record for the metadata file.
#
count = self.count_logrecs()
# To be re-enabled when WT-3965 is fixed.
#self.assertTrue(count == origcnt + 2)
# Test that creating and dropping tables does not write individual
# log records.
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 34
Column: 1
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
conn_config = 'log=(enabled)'
types = [
('file', dict(uri='file:', use_cg=False, use_index=False)),
('lsm', dict(uri='lsm:', use_cg=False, use_index=False)),
('table-cg', dict(uri='table:', use_cg=True, use_index=False)),
Reported by Pylint.
Line: 34
Column: 1
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
conn_config = 'log=(enabled)'
types = [
('file', dict(uri='file:', use_cg=False, use_index=False)),
('lsm', dict(uri='lsm:', use_cg=False, use_index=False)),
('table-cg', dict(uri='table:', use_cg=True, use_index=False)),
Reported by Pylint.
Line: 48
Column: 5
# Count actual log records in the log. Log cursors walk the individual
# operations of a transaction as well as the entire record. Skip counting
# any individual commit operations and only count entire records.
def count_logrecs(self):
count = 0
c = self.session.open_cursor('log:', None, None)
while c.next() == 0:
# lsn.file, lsn.offset, opcount
keys = c.get_key()
Reported by Pylint.