The following issues were found
src/third_party/wiredtiger/test/suite/test_txn13.py
13 issues
Line: 37
Column: 1
#import fnmatch, os, shutil, run, time
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
Reported by Pylint.
Line: 62
Column: 5
scenarios = make_scenarios(key_format_values, size_values)
# Turn on logging for this test.
def conn_config(self):
return 'log=(archive=false,enabled,file_max=%s)' % self.logmax + \
',cache_size=20G,eviction_dirty_trigger=100'
@wttest.longtest('txn tests with huge values')
def test_large_values(self):
Reported by Pylint.
Line: 89
Column: 17
# EFBIG is expected: File too large
msg = '/exceeds the maximum/'
self.assertRaisesWithMessage(wiredtiger.WiredTigerError,
lambda:self.session.commit_transaction(), msg)
gotException = True
else:
self.session.commit_transaction()
self.assertTrue(gotException == self.expect_err)
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 37
Column: 1
#import fnmatch, os, shutil, run, time
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
Reported by Pylint.
Line: 37
Column: 1
#import fnmatch, os, shutil, run, time
from suite_subprocess import suite_subprocess
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
Reported by Pylint.
Line: 39
Column: 1
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
# We use 8 ops here to get around the 10 operation check done by WiredTiger to determine if
# a transaction is blocking or not.
Reported by Pylint.
Line: 39
Column: 1
from wtscenario import make_scenarios
import wiredtiger, wttest
class test_txn13(wttest.WiredTigerTestCase, suite_subprocess):
logmax = "100K"
tablename = 'test_txn13'
uri = 'table:' + tablename
# We use 8 ops here to get around the 10 operation check done by WiredTiger to determine if
# a transaction is blocking or not.
Reported by Pylint.
Line: 62
Column: 5
scenarios = make_scenarios(key_format_values, size_values)
# Turn on logging for this test.
def conn_config(self):
return 'log=(archive=false,enabled,file_max=%s)' % self.logmax + \
',cache_size=20G,eviction_dirty_trigger=100'
@wttest.longtest('txn tests with huge values')
def test_large_values(self):
Reported by Pylint.
Line: 67
Column: 5
',cache_size=20G,eviction_dirty_trigger=100'
@wttest.longtest('txn tests with huge values')
def test_large_values(self):
create_params = 'key_format={},value_format=S'.format(self.key_format)
# print "Creating %s with config '%s'" % (self.uri, create_params)
# print "Running with %d" % (self.valuesize)
self.session.create(self.uri, create_params)
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_metadata_cursor03.py
13 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 61
Column: 30
c.close()
return count
def verify_logrecs(self, origcnt):
#
# Walk through all the log and make sure that creating any table
# only writes two log records to the log. The two records are the
# commit entry itself and the sync record for the metadata file.
#
Reported by Pylint.
Line: 67
Column: 9
# only writes two log records to the log. The two records are the
# commit entry itself and the sync record for the metadata file.
#
count = self.count_logrecs()
# To be re-enabled when WT-3965 is fixed.
#self.assertTrue(count == origcnt + 2)
# Test that creating and dropping tables does not write individual
# log records.
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 34
Column: 1
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
conn_config = 'log=(enabled)'
types = [
('file', dict(uri='file:', use_cg=False, use_index=False)),
('lsm', dict(uri='lsm:', use_cg=False, use_index=False)),
('table-cg', dict(uri='table:', use_cg=True, use_index=False)),
Reported by Pylint.
Line: 34
Column: 1
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
conn_config = 'log=(enabled)'
types = [
('file', dict(uri='file:', use_cg=False, use_index=False)),
('lsm', dict(uri='lsm:', use_cg=False, use_index=False)),
('table-cg', dict(uri='table:', use_cg=True, use_index=False)),
Reported by Pylint.
Line: 48
Column: 5
# Count actual log records in the log. Log cursors walk the individual
# operations of a transaction as well as the entire record. Skip counting
# any individual commit operations and only count entire records.
def count_logrecs(self):
count = 0
c = self.session.open_cursor('log:', None, None)
while c.next() == 0:
# lsn.file, lsn.offset, opcount
keys = c.get_key()
Reported by Pylint.
src/mongo/util/net/ssl_manager_test.cpp
13 issues
Line: 118
return str;
}
TEST(SSLManager, matchHostname) {
enum Expected : bool { match = true, mismatch = false };
const struct {
Expected expected;
std::string hostname;
std::string certName;
Reported by Cppcheck.
Line: 128
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
// clang-format off
// Matches? | Hostname and possibly FQDN | Certificate name
{match, "foo.bar.bas" , "*.bar.bas."},
{mismatch, "foo.subdomain.bar.bas" , "*.bar.bas."},
{match, "foo.bar.bas.", "*.bar.bas."},
{mismatch, "foo.subdomain.bar.bas.", "*.bar.bas."},
{match, "foo.bar.bas" , "*.bar.bas"},
{mismatch, "foo.subdomain.bar.bas" , "*.bar.bas"},
Reported by FlawFinder.
Line: 130
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{match, "foo.bar.bas" , "*.bar.bas."},
{mismatch, "foo.subdomain.bar.bas" , "*.bar.bas."},
{match, "foo.bar.bas.", "*.bar.bas."},
{mismatch, "foo.subdomain.bar.bas.", "*.bar.bas."},
{match, "foo.bar.bas" , "*.bar.bas"},
{mismatch, "foo.subdomain.bar.bas" , "*.bar.bas"},
{match, "foo.bar.bas.", "*.bar.bas"},
{mismatch, "foo.subdomain.bar.bas.", "*.bar.bas"},
Reported by FlawFinder.
Line: 133
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{mismatch, "foo.subdomain.bar.bas.", "*.bar.bas."},
{match, "foo.bar.bas" , "*.bar.bas"},
{mismatch, "foo.subdomain.bar.bas" , "*.bar.bas"},
{match, "foo.bar.bas.", "*.bar.bas"},
{mismatch, "foo.subdomain.bar.bas.", "*.bar.bas"},
{mismatch, "foo.evil.bas" , "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas."},
Reported by FlawFinder.
Line: 135
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{match, "foo.bar.bas" , "*.bar.bas"},
{mismatch, "foo.subdomain.bar.bas" , "*.bar.bas"},
{match, "foo.bar.bas.", "*.bar.bas"},
{mismatch, "foo.subdomain.bar.bas.", "*.bar.bas"},
{mismatch, "foo.evil.bas" , "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas."},
{mismatch, "foo.evil.bas.", "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas.", "*.bar.bas."},
Reported by FlawFinder.
Line: 137
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{match, "foo.bar.bas.", "*.bar.bas"},
{mismatch, "foo.subdomain.bar.bas.", "*.bar.bas"},
{mismatch, "foo.evil.bas" , "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas."},
{mismatch, "foo.evil.bas.", "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas.", "*.bar.bas."},
{mismatch, "foo.evil.bas" , "*.bar.bas"},
Reported by FlawFinder.
Line: 138
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{mismatch, "foo.subdomain.bar.bas.", "*.bar.bas"},
{mismatch, "foo.evil.bas" , "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas."},
{mismatch, "foo.evil.bas.", "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas.", "*.bar.bas."},
{mismatch, "foo.evil.bas" , "*.bar.bas"},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas"},
Reported by FlawFinder.
Line: 139
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{mismatch, "foo.evil.bas" , "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas."},
{mismatch, "foo.evil.bas.", "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas.", "*.bar.bas."},
{mismatch, "foo.evil.bas" , "*.bar.bas"},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas"},
{mismatch, "foo.evil.bas.", "*.bar.bas"},
Reported by FlawFinder.
Line: 140
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{mismatch, "foo.evil.bas" , "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas."},
{mismatch, "foo.evil.bas.", "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas.", "*.bar.bas."},
{mismatch, "foo.evil.bas" , "*.bar.bas"},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas"},
{mismatch, "foo.evil.bas.", "*.bar.bas"},
{mismatch, "foo.subdomain.evil.bas.", "*.bar.bas"},
Reported by FlawFinder.
Line: 142
Column: 10
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
{mismatch, "foo.evil.bas.", "*.bar.bas."},
{mismatch, "foo.subdomain.evil.bas.", "*.bar.bas."},
{mismatch, "foo.evil.bas" , "*.bar.bas"},
{mismatch, "foo.subdomain.evil.bas" , "*.bar.bas"},
{mismatch, "foo.evil.bas.", "*.bar.bas"},
{mismatch, "foo.subdomain.evil.bas.", "*.bar.bas"},
// clang-format on
};
Reported by FlawFinder.
src/third_party/boost/boost/regex/v4/regex_workaround.hpp
13 issues
Line: 53
Column: 45
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
#if defined(BOOST_NO_STDC_NAMESPACE)
namespace std{
using ::sprintf; using ::strcpy; using ::strcat; using ::strlen;
}
#endif
namespace boost{ namespace BOOST_REGEX_DETAIL_NS{
#ifdef BOOST_NO_STD_DISTANCE
Reported by FlawFinder.
Line: 53
Column: 12
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
#if defined(BOOST_NO_STDC_NAMESPACE)
namespace std{
using ::sprintf; using ::strcpy; using ::strcat; using ::strlen;
}
#endif
namespace boost{ namespace BOOST_REGEX_DETAIL_NS{
#ifdef BOOST_NO_STD_DISTANCE
Reported by FlawFinder.
Line: 53
Column: 29
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
#if defined(BOOST_NO_STDC_NAMESPACE)
namespace std{
using ::sprintf; using ::strcpy; using ::strcat; using ::strlen;
}
#endif
namespace boost{ namespace BOOST_REGEX_DETAIL_NS{
#ifdef BOOST_NO_STD_DISTANCE
Reported by FlawFinder.
Line: 87
Column: 12
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
using ::size_t;
using ::abs;
using ::memset;
using ::memcpy;
}
#endif
/*****************************************************************************
Reported by FlawFinder.
Line: 204
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
std::size_t lenSourceWithNull = std::strlen(strSource) + 1;
if (lenSourceWithNull > sizeInBytes)
return 1;
std::memcpy(strDestination, strSource, lenSourceWithNull);
return 0;
}
inline std::size_t strcat_s(
char *strDestination,
std::size_t sizeInBytes,
Reported by FlawFinder.
Line: 217
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
std::size_t lenDestination = std::strlen(strDestination);
if (lenSourceWithNull + lenDestination > sizeInBytes)
return 1;
std::memcpy(strDestination + lenDestination, strSource, lenSourceWithNull);
return 0;
}
#endif
Reported by FlawFinder.
Line: 53
Column: 61
CWE codes:
126
#if defined(BOOST_NO_STDC_NAMESPACE)
namespace std{
using ::sprintf; using ::strcpy; using ::strcat; using ::strlen;
}
#endif
namespace boost{ namespace BOOST_REGEX_DETAIL_NS{
#ifdef BOOST_NO_STD_DISTANCE
Reported by FlawFinder.
Line: 146
Column: 16
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
return stdext::unchecked_copy(first, last, dest);
}
template<class InputIterator1, class InputIterator2>
inline bool equal(
InputIterator1 first,
InputIterator1 last,
InputIterator2 with
)
{
Reported by FlawFinder.
Line: 175
Column: 16
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
return dest;
}
template<class InputIterator1, class InputIterator2>
inline bool equal(
InputIterator1 first,
InputIterator1 last,
InputIterator2 with
)
{
Reported by FlawFinder.
Line: 187
Column: 15
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
}
#else
using std::copy;
using std::equal;
#endif
#if BOOST_WORKAROUND(BOOST_MSVC,>=1400) && defined(__STDC_WANT_SECURE_LIB__) && __STDC_WANT_SECURE_LIB__
// use safe versions of strcpy etc:
using ::strcpy_s;
Reported by FlawFinder.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Tool/MSCommon/netframework.py
13 issues
Line: 32
Column: 1
import re
import SCons.Util
from .common import read_reg, debug
# Original value recorded by dcournapeau
_FRAMEWORKDIR_HKEY_ROOT = r'Software\Microsoft\.NETFramework\InstallRoot'
# On SGK's system
_FRAMEWORKDIR_HKEY_ROOT = r'Software\Microsoft\Microsoft SDKs\.NETFramework\v2.0\InstallationFolder'
Reported by Pylint.
Line: 40
Column: 3
_FRAMEWORKDIR_HKEY_ROOT = r'Software\Microsoft\Microsoft SDKs\.NETFramework\v2.0\InstallationFolder'
def find_framework_root():
# XXX: find it from environment (FrameworkDir)
try:
froot = read_reg(_FRAMEWORKDIR_HKEY_ROOT)
debug("Found framework install root in registry: {}".format(froot))
except SCons.Util.WinError as e:
debug("Could not read reg key {}".format(_FRAMEWORKDIR_HKEY_ROOT))
Reported by Pylint.
Line: 44
Column: 5
try:
froot = read_reg(_FRAMEWORKDIR_HKEY_ROOT)
debug("Found framework install root in registry: {}".format(froot))
except SCons.Util.WinError as e:
debug("Could not read reg key {}".format(_FRAMEWORKDIR_HKEY_ROOT))
return None
if not os.path.exists(froot):
debug("{} not found on fs".format(froot))
Reported by Pylint.
Line: 1
Column: 1
#
# Copyright (c) 2001 - 2019 The SCons Foundation
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
Reported by Pylint.
Line: 23
Column: 1
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
__revision__ = "src/engine/SCons/Tool/MSCommon/netframework.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
__doc__ = """
"""
import os
Reported by Pylint.
Line: 39
Column: 1
# On SGK's system
_FRAMEWORKDIR_HKEY_ROOT = r'Software\Microsoft\Microsoft SDKs\.NETFramework\v2.0\InstallationFolder'
def find_framework_root():
# XXX: find it from environment (FrameworkDir)
try:
froot = read_reg(_FRAMEWORKDIR_HKEY_ROOT)
debug("Found framework install root in registry: {}".format(froot))
except SCons.Util.WinError as e:
Reported by Pylint.
Line: 44
Column: 5
try:
froot = read_reg(_FRAMEWORKDIR_HKEY_ROOT)
debug("Found framework install root in registry: {}".format(froot))
except SCons.Util.WinError as e:
debug("Could not read reg key {}".format(_FRAMEWORKDIR_HKEY_ROOT))
return None
if not os.path.exists(froot):
debug("{} not found on fs".format(froot))
Reported by Pylint.
Line: 54
Column: 1
return froot
def query_versions():
froot = find_framework_root()
if froot:
contents = os.listdir(froot)
l = re.compile('v[0-9]+.*')
Reported by Pylint.
Line: 59
Column: 9
if froot:
contents = os.listdir(froot)
l = re.compile('v[0-9]+.*')
versions = [e for e in contents if l.match(e)]
def versrt(a,b):
# since version numbers aren't really floats...
aa = a[1:]
Reported by Pylint.
Line: 62
Column: 9
l = re.compile('v[0-9]+.*')
versions = [e for e in contents if l.match(e)]
def versrt(a,b):
# since version numbers aren't really floats...
aa = a[1:]
bb = b[1:]
aal = aa.split('.')
bbl = bb.split('.')
Reported by Pylint.
src/third_party/wiredtiger/test/suite/test_durable_ts02.py
13 issues
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_durable_ts03.py
# Checking visibility and durability of updates with durable_timestamp
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_durable_ts03.py
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_durable_ts03.py
# Checking visibility and durability of updates with durable_timestamp
Reported by Pylint.
Line: 72
Column: 9
ds.populate()
session = self.conn.open_session(self.session_config)
cursor = session.open_cursor(uri, None)
# Set stable timestamp to checkpoint initial data set.
self.conn.set_timestamp('stable_timestamp=' + self.timestamp_str(100))
self.session.checkpoint()
Reported by Pylint.
Line: 78
Column: 9
self.conn.set_timestamp('stable_timestamp=' + self.timestamp_str(100))
self.session.checkpoint()
'''
Commented out for now: the system panics if we fail after preparing a transaction.
# Scenario: 1
# Check to see commit timestamp > durable timestamap, returns error.
session.begin_transaction()
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_durable_ts03.py
# Checking visibility and durability of updates with durable_timestamp
Reported by Pylint.
Line: 30
Column: 1
# OTHER DEALINGS IN THE SOFTWARE.
from helper import copy_wiredtiger_home
import wiredtiger, wttest
from wtdataset import SimpleDataSet
from wtscenario import make_scenarios
# test_durable_ts03.py
# Checking visibility and durability of updates with durable_timestamp
Reported by Pylint.
Line: 36
Column: 1
# test_durable_ts03.py
# Checking visibility and durability of updates with durable_timestamp
class test_durable_ts03(wttest.WiredTigerTestCase):
session_config = 'isolation=snapshot'
keyfmt = [
('row-string', dict(keyfmt='S')),
('row-int', dict(keyfmt='i')),
Reported by Pylint.
Line: 36
Column: 1
# test_durable_ts03.py
# Checking visibility and durability of updates with durable_timestamp
class test_durable_ts03(wttest.WiredTigerTestCase):
session_config = 'isolation=snapshot'
keyfmt = [
('row-string', dict(keyfmt='S')),
('row-int', dict(keyfmt='i')),
Reported by Pylint.
src/third_party/boost/boost/random/uniform_smallint.hpp
13 issues
Line: 37
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#endif
namespace boost {
namespace random {
// uniform integer distribution on a small range [min, max]
/**
* The distribution function uniform_smallint models a \random_distribution.
Reported by FlawFinder.
Line: 200
Column: 37
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
result_type operator()(Engine& eng) const
{
typedef typename Engine::result_type base_result;
return generate(eng, boost::random::traits::is_integral<base_result>());
}
/** Returns a value uniformly distributed in the range [param.a(), param.b()]. */
template<class Engine>
result_type operator()(Engine& eng, const param_type& parm) const
Reported by FlawFinder.
Line: 244
Column: 33
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// equivalent to (eng() - eng.min()) % (_max - _min + 1) + _min,
// but guarantees no overflow.
typedef typename Engine::result_type base_result;
typedef typename boost::random::traits::make_unsigned<base_result>::type base_unsigned;
typedef typename boost::random::traits::make_unsigned_or_unbounded<result_type>::type range_type;
#ifdef BOOST_NO_CXX11_EXPLICIT_CONVERSION_OPERATORS
typedef typename conditional<
std::numeric_limits<range_type>::is_specialized && std::numeric_limits<base_unsigned>::is_specialized
&& (std::numeric_limits<range_type>::digits >= std::numeric_limits<base_unsigned>::digits),
Reported by FlawFinder.
Line: 245
Column: 33
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// but guarantees no overflow.
typedef typename Engine::result_type base_result;
typedef typename boost::random::traits::make_unsigned<base_result>::type base_unsigned;
typedef typename boost::random::traits::make_unsigned_or_unbounded<result_type>::type range_type;
#ifdef BOOST_NO_CXX11_EXPLICIT_CONVERSION_OPERATORS
typedef typename conditional<
std::numeric_limits<range_type>::is_specialized && std::numeric_limits<base_unsigned>::is_specialized
&& (std::numeric_limits<range_type>::digits >= std::numeric_limits<base_unsigned>::digits),
range_type, base_unsigned>::type mixed_range_type;
Reported by FlawFinder.
Line: 254
Column: 28
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#else
typedef base_unsigned mixed_range_type;
#endif
range_type range = random::detail::subtract<result_type>()(_max, _min);
base_unsigned base_range =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
base_unsigned val =
random::detail::subtract<base_result>()(eng(), (eng.min)());
if(range >= base_range) {
Reported by FlawFinder.
Line: 256
Column: 13
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#endif
range_type range = random::detail::subtract<result_type>()(_max, _min);
base_unsigned base_range =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
base_unsigned val =
random::detail::subtract<base_result>()(eng(), (eng.min)());
if(range >= base_range) {
return boost::random::detail::add<range_type, result_type>()(
static_cast<range_type>(val), _min);
Reported by FlawFinder.
Line: 258
Column: 13
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
base_unsigned base_range =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
base_unsigned val =
random::detail::subtract<base_result>()(eng(), (eng.min)());
if(range >= base_range) {
return boost::random::detail::add<range_type, result_type>()(
static_cast<range_type>(val), _min);
} else {
// This involves mixed arithmetic between the base generators range
Reported by FlawFinder.
Line: 260
Column: 27
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
base_unsigned val =
random::detail::subtract<base_result>()(eng(), (eng.min)());
if(range >= base_range) {
return boost::random::detail::add<range_type, result_type>()(
static_cast<range_type>(val), _min);
} else {
// This involves mixed arithmetic between the base generators range
// type, and the result_type's range type. mixed_range_type is
// normally the same as base_unsigned which is the most efficient
Reported by FlawFinder.
Line: 270
Column: 27
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// is a multiprecision type. If no such casts are available then use
// multiprecision arithmetic throughout instead.
mixed_range_type modulus = static_cast<mixed_range_type>(range)+1;
return boost::random::detail::add<range_type, result_type>()(
static_cast<mixed_range_type>(val) % modulus, _min);
}
}
template<class Engine>
Reported by FlawFinder.
Line: 279
Column: 33
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
result_type generate(Engine& eng, boost::false_type) const
{
typedef typename Engine::result_type base_result;
typedef typename boost::random::traits::make_unsigned<result_type>::type range_type;
range_type range = random::detail::subtract<result_type>()(_max, _min);
base_result val = boost::uniform_01<base_result>()(eng);
// what is the worst that can possibly happen here?
// base_result may not be able to represent all the values in [0, range]
// exactly. If this happens, it will cause round off error and we
Reported by FlawFinder.
src/third_party/boost/boost/random/uniform_int_distribution.hpp
13 issues
Line: 38
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#endif
namespace boost {
namespace random {
namespace detail {
#ifdef BOOST_MSVC
#pragma warning(push)
Reported by FlawFinder.
Line: 55
Column: 29
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
boost::true_type /** is_integral<Engine::result_type> */)
{
typedef T result_type;
typedef typename boost::random::traits::make_unsigned_or_unbounded<T>::type range_type;
typedef typename Engine::result_type base_result;
// ranges are always unsigned or unbounded
typedef typename boost::random::traits::make_unsigned_or_unbounded<base_result>::type base_unsigned;
const range_type range = random::detail::subtract<result_type>()(max_value, min_value);
const base_result bmin = (eng.min)();
Reported by FlawFinder.
Line: 58
Column: 29
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
typedef typename boost::random::traits::make_unsigned_or_unbounded<T>::type range_type;
typedef typename Engine::result_type base_result;
// ranges are always unsigned or unbounded
typedef typename boost::random::traits::make_unsigned_or_unbounded<base_result>::type base_unsigned;
const range_type range = random::detail::subtract<result_type>()(max_value, min_value);
const base_result bmin = (eng.min)();
const base_unsigned brange =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
Reported by FlawFinder.
Line: 59
Column: 30
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
typedef typename Engine::result_type base_result;
// ranges are always unsigned or unbounded
typedef typename boost::random::traits::make_unsigned_or_unbounded<base_result>::type base_unsigned;
const range_type range = random::detail::subtract<result_type>()(max_value, min_value);
const base_result bmin = (eng.min)();
const base_unsigned brange =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
if(range == 0) {
Reported by FlawFinder.
Line: 62
Column: 7
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
const range_type range = random::detail::subtract<result_type>()(max_value, min_value);
const base_result bmin = (eng.min)();
const base_unsigned brange =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
if(range == 0) {
return min_value;
} else if(brange == range) {
// this will probably never happen in real life
Reported by FlawFinder.
Line: 69
Column: 25
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
} else if(brange == range) {
// this will probably never happen in real life
// basically nothing to do; just take care we don't overflow / underflow
base_unsigned v = random::detail::subtract<base_result>()(eng(), bmin);
return random::detail::add<base_unsigned, result_type>()(v, min_value);
} else if(brange < range) {
// use rejection method to handle things like 0..3 --> 0..4
for(;;) {
// concatenate several invocations of the base RNG
Reported by FlawFinder.
Line: 70
Column: 14
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// this will probably never happen in real life
// basically nothing to do; just take care we don't overflow / underflow
base_unsigned v = random::detail::subtract<base_result>()(eng(), bmin);
return random::detail::add<base_unsigned, result_type>()(v, min_value);
} else if(brange < range) {
// use rejection method to handle things like 0..3 --> 0..4
for(;;) {
// concatenate several invocations of the base RNG
// take extra care to avoid overflows
Reported by FlawFinder.
Line: 117
Column: 69
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// mult+mult*brange by (2), (3) (4)
// Therefore result+(eng()-bmin)*mult <
// mult*(brange+1) by (4)
result += static_cast<range_type>(static_cast<range_type>(random::detail::subtract<base_result>()(eng(), bmin)) * mult);
// equivalent to (mult * (brange+1)) == range+1, but avoids overflow.
if(mult * range_type(brange) == range - mult + 1) {
// The destination range is an integer power of
// the generator's range.
Reported by FlawFinder.
Line: 186
Column: 16
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// Too big. Reject.
continue;
}
return random::detail::add<range_type, result_type>()(result, min_value);
}
} else { // brange > range
#ifdef BOOST_NO_CXX11_EXPLICIT_CONVERSION_OPERATORS
typedef typename conditional<
std::numeric_limits<range_type>::is_specialized && std::numeric_limits<base_unsigned>::is_specialized
Reported by FlawFinder.
Line: 220
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
}
for(;;) {
mixed_range_type result =
random::detail::subtract<base_result>()(eng(), bmin);
result /= bucket_size;
// result and range are non-negative, and result is possibly larger
// than range, so the cast is safe
if(result <= static_cast<mixed_range_type>(range))
return random::detail::add<mixed_range_type, result_type>()(result, min_value);
Reported by FlawFinder.
src/mongo/logv2/log_domain_global.cpp
13 issues
Line: 128
Column: 40
CWE codes:
134
Suggestion:
Use a constant format string for syslog
auto backend = boost::make_shared<SyslogBackend>(
boost::make_shared<boost::log::sinks::syslog_backend>(
boost::log::keywords::facility =
boost::log::sinks::syslog::make_facility(options.syslogFacility),
boost::log::keywords::use_impl = boost::log::sinks::syslog::native),
boost::make_shared<RamLogSink>(RamLog::get("global")),
boost::make_shared<RamLogSink>(RamLog::get("startupWarnings")),
boost::make_shared<UserAssertSink>());
Reported by FlawFinder.
Line: 129
Column: 69
CWE codes:
134
Suggestion:
Use a constant format string for syslog
boost::make_shared<boost::log::sinks::syslog_backend>(
boost::log::keywords::facility =
boost::log::sinks::syslog::make_facility(options.syslogFacility),
boost::log::keywords::use_impl = boost::log::sinks::syslog::native),
boost::make_shared<RamLogSink>(RamLog::get("global")),
boost::make_shared<RamLogSink>(RamLog::get("startupWarnings")),
boost::make_shared<UserAssertSink>());
boost::log::sinks::syslog::custom_severity_mapping<LogSeverity> mapping(
Reported by FlawFinder.
Line: 134
Column: 28
CWE codes:
134
Suggestion:
Use a constant format string for syslog
boost::make_shared<RamLogSink>(RamLog::get("startupWarnings")),
boost::make_shared<UserAssertSink>());
boost::log::sinks::syslog::custom_severity_mapping<LogSeverity> mapping(
attributes::severity());
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
Reported by FlawFinder.
Line: 137
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
boost::log::sinks::syslog::custom_severity_mapping<LogSeverity> mapping(
attributes::severity());
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
Reported by FlawFinder.
Line: 138
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
attributes::severity());
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
Reported by FlawFinder.
Line: 139
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
Reported by FlawFinder.
Line: 140
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
mapping[LogSeverity::Error()] = boost::log::sinks::syslog::critical;
Reported by FlawFinder.
Line: 141
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
mapping[LogSeverity::Error()] = boost::log::sinks::syslog::critical;
mapping[LogSeverity::Severe()] = boost::log::sinks::syslog::alert;
Reported by FlawFinder.
Line: 142
Column: 58
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
mapping[LogSeverity::Error()] = boost::log::sinks::syslog::critical;
mapping[LogSeverity::Severe()] = boost::log::sinks::syslog::alert;
Reported by FlawFinder.
Line: 143
Column: 59
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
mapping[LogSeverity::Error()] = boost::log::sinks::syslog::critical;
mapping[LogSeverity::Severe()] = boost::log::sinks::syslog::alert;
backend->lockedBackend<0>()->set_severity_mapper(mapping);
Reported by FlawFinder.
src/third_party/mozjs-60/extract/js/src/jit/JitSpewer.cpp
13 issues
Line: 176
Column: 15
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (usePid && *usePid != 0) {
uint32_t pid = getpid();
size_t len;
len = snprintf(jsonBuffer, bufferLength, JIT_SPEW_DIR "/ion%" PRIu32 ".json", pid);
if (bufferLength <= len) {
fprintf(stderr, "Warning: IonSpewer::init: Cannot serialize file name.");
return false;
}
jsonFilename = jsonBuffer;
Reported by FlawFinder.
Line: 183
Column: 15
CWE codes:
134
Suggestion:
Use a constant for the format specification
}
jsonFilename = jsonBuffer;
len = snprintf(c1Buffer, bufferLength, JIT_SPEW_DIR "/ion%" PRIu32 ".cfg", pid);
if (bufferLength <= len) {
fprintf(stderr, "Warning: IonSpewer::init: Cannot serialize file name.");
return false;
}
c1Filename = c1Buffer;
Reported by FlawFinder.
Line: 585
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
JitSpewHeader(channel);
Fprinter& out = JitSpewPrinter();
out.vprintf(fmt, ap);
}
void
jit::JitSpewContVA(JitSpewChannel channel, const char* fmt, va_list ap)
{
Reported by FlawFinder.
Line: 595
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
return;
Fprinter& out = JitSpewPrinter();
out.vprintf(fmt, ap);
}
void
jit::JitSpewFin(JitSpewChannel channel)
{
Reported by FlawFinder.
Line: 106
Column: 33
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
static bool
FilterContainsLocation(JSScript* function)
{
static const char* filter = getenv("IONFILTER");
// If there is no filter we accept all outputs.
if (!filter || !filter[0])
return true;
Reported by FlawFinder.
Line: 172
Column: 26
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
const char *c1Filename = JIT_SPEW_DIR "/ion.cfg";
const char *jsonFilename = JIT_SPEW_DIR "/ion.json";
const char* usePid = getenv("ION_SPEW_BY_PID");
if (usePid && *usePid != 0) {
uint32_t pid = getpid();
size_t len;
len = snprintf(jsonBuffer, bufferLength, JIT_SPEW_DIR "/ion%" PRIu32 ".json", pid);
if (bufferLength <= len) {
Reported by FlawFinder.
Line: 402
Column: 23
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (LoggingChecked)
return;
LoggingChecked = true;
const char* env = getenv("IONFLAGS");
if (!env)
return;
if (strstr(env, "help")) {
fflush(nullptr);
printf(
Reported by FlawFinder.
Line: 557
Column: 28
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
FILE* spewfh = stderr;
const char* filename = getenv("ION_SPEW_FILENAME");
if (filename && *filename) {
spewfh = fopen(filename, "w");
MOZ_RELEASE_ASSERT(spewfh);
setbuf(spewfh, nullptr); // Make unbuffered
}
Reported by FlawFinder.
Line: 167
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return true;
const size_t bufferLength = 256;
char c1Buffer[bufferLength];
char jsonBuffer[bufferLength];
const char *c1Filename = JIT_SPEW_DIR "/ion.cfg";
const char *jsonFilename = JIT_SPEW_DIR "/ion.json";
const char* usePid = getenv("ION_SPEW_BY_PID");
Reported by FlawFinder.
Line: 168
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const size_t bufferLength = 256;
char c1Buffer[bufferLength];
char jsonBuffer[bufferLength];
const char *c1Filename = JIT_SPEW_DIR "/ion.cfg";
const char *jsonFilename = JIT_SPEW_DIR "/ion.json";
const char* usePid = getenv("ION_SPEW_BY_PID");
if (usePid && *usePid != 0) {
Reported by FlawFinder.