The following issues were found
src/mongo/logv2/log_domain_global.cpp
13 issues
Line: 128
Column: 40
CWE codes:
134
Suggestion:
Use a constant format string for syslog
auto backend = boost::make_shared<SyslogBackend>(
boost::make_shared<boost::log::sinks::syslog_backend>(
boost::log::keywords::facility =
boost::log::sinks::syslog::make_facility(options.syslogFacility),
boost::log::keywords::use_impl = boost::log::sinks::syslog::native),
boost::make_shared<RamLogSink>(RamLog::get("global")),
boost::make_shared<RamLogSink>(RamLog::get("startupWarnings")),
boost::make_shared<UserAssertSink>());
Reported by FlawFinder.
Line: 129
Column: 69
CWE codes:
134
Suggestion:
Use a constant format string for syslog
boost::make_shared<boost::log::sinks::syslog_backend>(
boost::log::keywords::facility =
boost::log::sinks::syslog::make_facility(options.syslogFacility),
boost::log::keywords::use_impl = boost::log::sinks::syslog::native),
boost::make_shared<RamLogSink>(RamLog::get("global")),
boost::make_shared<RamLogSink>(RamLog::get("startupWarnings")),
boost::make_shared<UserAssertSink>());
boost::log::sinks::syslog::custom_severity_mapping<LogSeverity> mapping(
Reported by FlawFinder.
Line: 134
Column: 28
CWE codes:
134
Suggestion:
Use a constant format string for syslog
boost::make_shared<RamLogSink>(RamLog::get("startupWarnings")),
boost::make_shared<UserAssertSink>());
boost::log::sinks::syslog::custom_severity_mapping<LogSeverity> mapping(
attributes::severity());
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
Reported by FlawFinder.
Line: 137
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
boost::log::sinks::syslog::custom_severity_mapping<LogSeverity> mapping(
attributes::severity());
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
Reported by FlawFinder.
Line: 138
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
attributes::severity());
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
Reported by FlawFinder.
Line: 139
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
Reported by FlawFinder.
Line: 140
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(5)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
mapping[LogSeverity::Error()] = boost::log::sinks::syslog::critical;
Reported by FlawFinder.
Line: 141
Column: 61
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(4)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
mapping[LogSeverity::Error()] = boost::log::sinks::syslog::critical;
mapping[LogSeverity::Severe()] = boost::log::sinks::syslog::alert;
Reported by FlawFinder.
Line: 142
Column: 58
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(3)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
mapping[LogSeverity::Error()] = boost::log::sinks::syslog::critical;
mapping[LogSeverity::Severe()] = boost::log::sinks::syslog::alert;
Reported by FlawFinder.
Line: 143
Column: 59
CWE codes:
134
Suggestion:
Use a constant format string for syslog
mapping[LogSeverity::Debug(2)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Debug(1)] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Log()] = boost::log::sinks::syslog::debug;
mapping[LogSeverity::Info()] = boost::log::sinks::syslog::info;
mapping[LogSeverity::Warning()] = boost::log::sinks::syslog::warning;
mapping[LogSeverity::Error()] = boost::log::sinks::syslog::critical;
mapping[LogSeverity::Severe()] = boost::log::sinks::syslog::alert;
backend->lockedBackend<0>()->set_severity_mapper(mapping);
Reported by FlawFinder.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Tool/MSCommon/netframework.py
13 issues
Line: 32
Column: 1
import re
import SCons.Util
from .common import read_reg, debug
# Original value recorded by dcournapeau
_FRAMEWORKDIR_HKEY_ROOT = r'Software\Microsoft\.NETFramework\InstallRoot'
# On SGK's system
_FRAMEWORKDIR_HKEY_ROOT = r'Software\Microsoft\Microsoft SDKs\.NETFramework\v2.0\InstallationFolder'
Reported by Pylint.
Line: 40
Column: 3
_FRAMEWORKDIR_HKEY_ROOT = r'Software\Microsoft\Microsoft SDKs\.NETFramework\v2.0\InstallationFolder'
def find_framework_root():
# XXX: find it from environment (FrameworkDir)
try:
froot = read_reg(_FRAMEWORKDIR_HKEY_ROOT)
debug("Found framework install root in registry: {}".format(froot))
except SCons.Util.WinError as e:
debug("Could not read reg key {}".format(_FRAMEWORKDIR_HKEY_ROOT))
Reported by Pylint.
Line: 44
Column: 5
try:
froot = read_reg(_FRAMEWORKDIR_HKEY_ROOT)
debug("Found framework install root in registry: {}".format(froot))
except SCons.Util.WinError as e:
debug("Could not read reg key {}".format(_FRAMEWORKDIR_HKEY_ROOT))
return None
if not os.path.exists(froot):
debug("{} not found on fs".format(froot))
Reported by Pylint.
Line: 1
Column: 1
#
# Copyright (c) 2001 - 2019 The SCons Foundation
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
Reported by Pylint.
Line: 23
Column: 1
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
__revision__ = "src/engine/SCons/Tool/MSCommon/netframework.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
__doc__ = """
"""
import os
Reported by Pylint.
Line: 39
Column: 1
# On SGK's system
_FRAMEWORKDIR_HKEY_ROOT = r'Software\Microsoft\Microsoft SDKs\.NETFramework\v2.0\InstallationFolder'
def find_framework_root():
# XXX: find it from environment (FrameworkDir)
try:
froot = read_reg(_FRAMEWORKDIR_HKEY_ROOT)
debug("Found framework install root in registry: {}".format(froot))
except SCons.Util.WinError as e:
Reported by Pylint.
Line: 44
Column: 5
try:
froot = read_reg(_FRAMEWORKDIR_HKEY_ROOT)
debug("Found framework install root in registry: {}".format(froot))
except SCons.Util.WinError as e:
debug("Could not read reg key {}".format(_FRAMEWORKDIR_HKEY_ROOT))
return None
if not os.path.exists(froot):
debug("{} not found on fs".format(froot))
Reported by Pylint.
Line: 54
Column: 1
return froot
def query_versions():
froot = find_framework_root()
if froot:
contents = os.listdir(froot)
l = re.compile('v[0-9]+.*')
Reported by Pylint.
Line: 59
Column: 9
if froot:
contents = os.listdir(froot)
l = re.compile('v[0-9]+.*')
versions = [e for e in contents if l.match(e)]
def versrt(a,b):
# since version numbers aren't really floats...
aa = a[1:]
Reported by Pylint.
Line: 62
Column: 9
l = re.compile('v[0-9]+.*')
versions = [e for e in contents if l.match(e)]
def versrt(a,b):
# since version numbers aren't really floats...
aa = a[1:]
bb = b[1:]
aal = aa.split('.')
bbl = bb.split('.')
Reported by Pylint.
src/third_party/boost/boost/random/uniform_smallint.hpp
13 issues
Line: 37
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#endif
namespace boost {
namespace random {
// uniform integer distribution on a small range [min, max]
/**
* The distribution function uniform_smallint models a \random_distribution.
Reported by FlawFinder.
Line: 200
Column: 37
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
result_type operator()(Engine& eng) const
{
typedef typename Engine::result_type base_result;
return generate(eng, boost::random::traits::is_integral<base_result>());
}
/** Returns a value uniformly distributed in the range [param.a(), param.b()]. */
template<class Engine>
result_type operator()(Engine& eng, const param_type& parm) const
Reported by FlawFinder.
Line: 244
Column: 33
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// equivalent to (eng() - eng.min()) % (_max - _min + 1) + _min,
// but guarantees no overflow.
typedef typename Engine::result_type base_result;
typedef typename boost::random::traits::make_unsigned<base_result>::type base_unsigned;
typedef typename boost::random::traits::make_unsigned_or_unbounded<result_type>::type range_type;
#ifdef BOOST_NO_CXX11_EXPLICIT_CONVERSION_OPERATORS
typedef typename conditional<
std::numeric_limits<range_type>::is_specialized && std::numeric_limits<base_unsigned>::is_specialized
&& (std::numeric_limits<range_type>::digits >= std::numeric_limits<base_unsigned>::digits),
Reported by FlawFinder.
Line: 245
Column: 33
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// but guarantees no overflow.
typedef typename Engine::result_type base_result;
typedef typename boost::random::traits::make_unsigned<base_result>::type base_unsigned;
typedef typename boost::random::traits::make_unsigned_or_unbounded<result_type>::type range_type;
#ifdef BOOST_NO_CXX11_EXPLICIT_CONVERSION_OPERATORS
typedef typename conditional<
std::numeric_limits<range_type>::is_specialized && std::numeric_limits<base_unsigned>::is_specialized
&& (std::numeric_limits<range_type>::digits >= std::numeric_limits<base_unsigned>::digits),
range_type, base_unsigned>::type mixed_range_type;
Reported by FlawFinder.
Line: 254
Column: 28
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#else
typedef base_unsigned mixed_range_type;
#endif
range_type range = random::detail::subtract<result_type>()(_max, _min);
base_unsigned base_range =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
base_unsigned val =
random::detail::subtract<base_result>()(eng(), (eng.min)());
if(range >= base_range) {
Reported by FlawFinder.
Line: 256
Column: 13
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#endif
range_type range = random::detail::subtract<result_type>()(_max, _min);
base_unsigned base_range =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
base_unsigned val =
random::detail::subtract<base_result>()(eng(), (eng.min)());
if(range >= base_range) {
return boost::random::detail::add<range_type, result_type>()(
static_cast<range_type>(val), _min);
Reported by FlawFinder.
Line: 258
Column: 13
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
base_unsigned base_range =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
base_unsigned val =
random::detail::subtract<base_result>()(eng(), (eng.min)());
if(range >= base_range) {
return boost::random::detail::add<range_type, result_type>()(
static_cast<range_type>(val), _min);
} else {
// This involves mixed arithmetic between the base generators range
Reported by FlawFinder.
Line: 260
Column: 27
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
base_unsigned val =
random::detail::subtract<base_result>()(eng(), (eng.min)());
if(range >= base_range) {
return boost::random::detail::add<range_type, result_type>()(
static_cast<range_type>(val), _min);
} else {
// This involves mixed arithmetic between the base generators range
// type, and the result_type's range type. mixed_range_type is
// normally the same as base_unsigned which is the most efficient
Reported by FlawFinder.
Line: 270
Column: 27
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// is a multiprecision type. If no such casts are available then use
// multiprecision arithmetic throughout instead.
mixed_range_type modulus = static_cast<mixed_range_type>(range)+1;
return boost::random::detail::add<range_type, result_type>()(
static_cast<mixed_range_type>(val) % modulus, _min);
}
}
template<class Engine>
Reported by FlawFinder.
Line: 279
Column: 33
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
result_type generate(Engine& eng, boost::false_type) const
{
typedef typename Engine::result_type base_result;
typedef typename boost::random::traits::make_unsigned<result_type>::type range_type;
range_type range = random::detail::subtract<result_type>()(_max, _min);
base_result val = boost::uniform_01<base_result>()(eng);
// what is the worst that can possibly happen here?
// base_result may not be able to represent all the values in [0, range]
// exactly. If this happens, it will cause round off error and we
Reported by FlawFinder.
src/third_party/boost/boost/random/uniform_int_distribution.hpp
13 issues
Line: 38
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
#endif
namespace boost {
namespace random {
namespace detail {
#ifdef BOOST_MSVC
#pragma warning(push)
Reported by FlawFinder.
Line: 55
Column: 29
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
boost::true_type /** is_integral<Engine::result_type> */)
{
typedef T result_type;
typedef typename boost::random::traits::make_unsigned_or_unbounded<T>::type range_type;
typedef typename Engine::result_type base_result;
// ranges are always unsigned or unbounded
typedef typename boost::random::traits::make_unsigned_or_unbounded<base_result>::type base_unsigned;
const range_type range = random::detail::subtract<result_type>()(max_value, min_value);
const base_result bmin = (eng.min)();
Reported by FlawFinder.
Line: 58
Column: 29
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
typedef typename boost::random::traits::make_unsigned_or_unbounded<T>::type range_type;
typedef typename Engine::result_type base_result;
// ranges are always unsigned or unbounded
typedef typename boost::random::traits::make_unsigned_or_unbounded<base_result>::type base_unsigned;
const range_type range = random::detail::subtract<result_type>()(max_value, min_value);
const base_result bmin = (eng.min)();
const base_unsigned brange =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
Reported by FlawFinder.
Line: 59
Column: 30
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
typedef typename Engine::result_type base_result;
// ranges are always unsigned or unbounded
typedef typename boost::random::traits::make_unsigned_or_unbounded<base_result>::type base_unsigned;
const range_type range = random::detail::subtract<result_type>()(max_value, min_value);
const base_result bmin = (eng.min)();
const base_unsigned brange =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
if(range == 0) {
Reported by FlawFinder.
Line: 62
Column: 7
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
const range_type range = random::detail::subtract<result_type>()(max_value, min_value);
const base_result bmin = (eng.min)();
const base_unsigned brange =
random::detail::subtract<base_result>()((eng.max)(), (eng.min)());
if(range == 0) {
return min_value;
} else if(brange == range) {
// this will probably never happen in real life
Reported by FlawFinder.
Line: 69
Column: 25
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
} else if(brange == range) {
// this will probably never happen in real life
// basically nothing to do; just take care we don't overflow / underflow
base_unsigned v = random::detail::subtract<base_result>()(eng(), bmin);
return random::detail::add<base_unsigned, result_type>()(v, min_value);
} else if(brange < range) {
// use rejection method to handle things like 0..3 --> 0..4
for(;;) {
// concatenate several invocations of the base RNG
Reported by FlawFinder.
Line: 70
Column: 14
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// this will probably never happen in real life
// basically nothing to do; just take care we don't overflow / underflow
base_unsigned v = random::detail::subtract<base_result>()(eng(), bmin);
return random::detail::add<base_unsigned, result_type>()(v, min_value);
} else if(brange < range) {
// use rejection method to handle things like 0..3 --> 0..4
for(;;) {
// concatenate several invocations of the base RNG
// take extra care to avoid overflows
Reported by FlawFinder.
Line: 117
Column: 69
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// mult+mult*brange by (2), (3) (4)
// Therefore result+(eng()-bmin)*mult <
// mult*(brange+1) by (4)
result += static_cast<range_type>(static_cast<range_type>(random::detail::subtract<base_result>()(eng(), bmin)) * mult);
// equivalent to (mult * (brange+1)) == range+1, but avoids overflow.
if(mult * range_type(brange) == range - mult + 1) {
// The destination range is an integer power of
// the generator's range.
Reported by FlawFinder.
Line: 186
Column: 16
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
// Too big. Reject.
continue;
}
return random::detail::add<range_type, result_type>()(result, min_value);
}
} else { // brange > range
#ifdef BOOST_NO_CXX11_EXPLICIT_CONVERSION_OPERATORS
typedef typename conditional<
std::numeric_limits<range_type>::is_specialized && std::numeric_limits<base_unsigned>::is_specialized
Reported by FlawFinder.
Line: 220
Column: 11
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
}
for(;;) {
mixed_range_type result =
random::detail::subtract<base_result>()(eng(), bmin);
result /= bucket_size;
// result and range are non-negative, and result is possibly larger
// than range, so the cast is safe
if(result <= static_cast<mixed_range_type>(range))
return random::detail::add<mixed_range_type, result_type>()(result, min_value);
Reported by FlawFinder.
src/third_party/wiredtiger/test/suite/test_metadata_cursor03.py
13 issues
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 61
Column: 30
c.close()
return count
def verify_logrecs(self, origcnt):
#
# Walk through all the log and make sure that creating any table
# only writes two log records to the log. The two records are the
# commit entry itself and the sync record for the metadata file.
#
Reported by Pylint.
Line: 67
Column: 9
# only writes two log records to the log. The two records are the
# commit entry itself and the sync record for the metadata file.
#
count = self.count_logrecs()
# To be re-enabled when WT-3965 is fixed.
#self.assertTrue(count == origcnt + 2)
# Test that creating and dropping tables does not write individual
# log records.
Reported by Pylint.
Line: 1
Column: 1
#!/usr/bin/env python
#
# Public Domain 2014-present MongoDB, Inc.
# Public Domain 2008-2014 WiredTiger, Inc.
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
Reported by Pylint.
Line: 29
Column: 1
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
import sys, wiredtiger, wttest
from wtscenario import make_scenarios
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
Reported by Pylint.
Line: 34
Column: 1
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
conn_config = 'log=(enabled)'
types = [
('file', dict(uri='file:', use_cg=False, use_index=False)),
('lsm', dict(uri='lsm:', use_cg=False, use_index=False)),
('table-cg', dict(uri='table:', use_cg=True, use_index=False)),
Reported by Pylint.
Line: 34
Column: 1
# test_metadata03.py
# Test atomic schema operations on create.
class test_metadata03(wttest.WiredTigerTestCase):
conn_config = 'log=(enabled)'
types = [
('file', dict(uri='file:', use_cg=False, use_index=False)),
('lsm', dict(uri='lsm:', use_cg=False, use_index=False)),
('table-cg', dict(uri='table:', use_cg=True, use_index=False)),
Reported by Pylint.
Line: 48
Column: 5
# Count actual log records in the log. Log cursors walk the individual
# operations of a transaction as well as the entire record. Skip counting
# any individual commit operations and only count entire records.
def count_logrecs(self):
count = 0
c = self.session.open_cursor('log:', None, None)
while c.next() == 0:
# lsn.file, lsn.offset, opcount
keys = c.get_key()
Reported by Pylint.
src/third_party/mozjs-60/extract/js/src/jit/JitSpewer.cpp
13 issues
Line: 176
Column: 15
CWE codes:
134
Suggestion:
Use a constant for the format specification
if (usePid && *usePid != 0) {
uint32_t pid = getpid();
size_t len;
len = snprintf(jsonBuffer, bufferLength, JIT_SPEW_DIR "/ion%" PRIu32 ".json", pid);
if (bufferLength <= len) {
fprintf(stderr, "Warning: IonSpewer::init: Cannot serialize file name.");
return false;
}
jsonFilename = jsonBuffer;
Reported by FlawFinder.
Line: 183
Column: 15
CWE codes:
134
Suggestion:
Use a constant for the format specification
}
jsonFilename = jsonBuffer;
len = snprintf(c1Buffer, bufferLength, JIT_SPEW_DIR "/ion%" PRIu32 ".cfg", pid);
if (bufferLength <= len) {
fprintf(stderr, "Warning: IonSpewer::init: Cannot serialize file name.");
return false;
}
c1Filename = c1Buffer;
Reported by FlawFinder.
Line: 585
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
JitSpewHeader(channel);
Fprinter& out = JitSpewPrinter();
out.vprintf(fmt, ap);
}
void
jit::JitSpewContVA(JitSpewChannel channel, const char* fmt, va_list ap)
{
Reported by FlawFinder.
Line: 595
Column: 9
CWE codes:
134
Suggestion:
Use a constant for the format specification
return;
Fprinter& out = JitSpewPrinter();
out.vprintf(fmt, ap);
}
void
jit::JitSpewFin(JitSpewChannel channel)
{
Reported by FlawFinder.
Line: 106
Column: 33
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
static bool
FilterContainsLocation(JSScript* function)
{
static const char* filter = getenv("IONFILTER");
// If there is no filter we accept all outputs.
if (!filter || !filter[0])
return true;
Reported by FlawFinder.
Line: 172
Column: 26
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
const char *c1Filename = JIT_SPEW_DIR "/ion.cfg";
const char *jsonFilename = JIT_SPEW_DIR "/ion.json";
const char* usePid = getenv("ION_SPEW_BY_PID");
if (usePid && *usePid != 0) {
uint32_t pid = getpid();
size_t len;
len = snprintf(jsonBuffer, bufferLength, JIT_SPEW_DIR "/ion%" PRIu32 ".json", pid);
if (bufferLength <= len) {
Reported by FlawFinder.
Line: 402
Column: 23
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
if (LoggingChecked)
return;
LoggingChecked = true;
const char* env = getenv("IONFLAGS");
if (!env)
return;
if (strstr(env, "help")) {
fflush(nullptr);
printf(
Reported by FlawFinder.
Line: 557
Column: 28
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
FILE* spewfh = stderr;
const char* filename = getenv("ION_SPEW_FILENAME");
if (filename && *filename) {
spewfh = fopen(filename, "w");
MOZ_RELEASE_ASSERT(spewfh);
setbuf(spewfh, nullptr); // Make unbuffered
}
Reported by FlawFinder.
Line: 167
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return true;
const size_t bufferLength = 256;
char c1Buffer[bufferLength];
char jsonBuffer[bufferLength];
const char *c1Filename = JIT_SPEW_DIR "/ion.cfg";
const char *jsonFilename = JIT_SPEW_DIR "/ion.json";
const char* usePid = getenv("ION_SPEW_BY_PID");
Reported by FlawFinder.
Line: 168
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const size_t bufferLength = 256;
char c1Buffer[bufferLength];
char jsonBuffer[bufferLength];
const char *c1Filename = JIT_SPEW_DIR "/ion.cfg";
const char *jsonFilename = JIT_SPEW_DIR "/ion.json";
const char* usePid = getenv("ION_SPEW_BY_PID");
if (usePid && *usePid != 0) {
Reported by FlawFinder.
src/mongo/db/storage/storage_engine_lock_file_test.cpp
13 issues
Line: 54
using namespace mongo;
TEST(StorageEngineLockFileTest, UncleanShutdownNoExistingFile) {
TempDir tempDir("StorageEngineLockFileTest_UncleanShutdownNoExistingFile");
StorageEngineLockFile lockFile(tempDir.path());
ASSERT_FALSE(lockFile.createdByUncleanShutdown());
}
Reported by Cppcheck.
Line: 196
Column: 11
CWE codes:
362
Suggestion:
Use fchmod( ) instead
#ifdef _WIN32
::SetFileAttributes(path.c_str(), FILE_ATTRIBUTE_READONLY);
#else
::chmod(path.c_str(), 0544);
#endif
}
static void makePathWritable(const boost::filesystem::path& path) {
#ifdef _WIN32
Reported by FlawFinder.
Line: 204
Column: 11
CWE codes:
362
Suggestion:
Use fchmod( ) instead
#ifdef _WIN32
::SetFileAttributes(path.c_str(), FILE_ATTRIBUTE_NORMAL);
#else
::chmod(path.c_str(), 0777);
#endif
}
template <typename Func>
static void _applyToPathRecursive(const boost::filesystem::path& path, Func func) {
Reported by FlawFinder.
Line: 85
Column: 30
CWE codes:
362
StorageEngineLockFile lockFile("no_such_directory");
ASSERT_EQUALS((boost::filesystem::path("no_such_directory") / "mongod.lock").string(),
lockFile.getFilespec());
Status status = lockFile.open();
ASSERT_NOT_OK(status);
ASSERT_EQUALS(ErrorCodes::NonExistentPath, status.code());
}
// Cause ::open() to fail by providing a regular file instead of a directory for 'dbpath'.
Reported by FlawFinder.
Line: 96
Column: 30
CWE codes:
362
std::string filename(tempDir.path() + "/some_file");
std::ofstream(filename.c_str());
StorageEngineLockFile lockFile(filename);
Status status = lockFile.open();
ASSERT_NOT_OK(status);
ASSERT_EQUALS(ErrorCodes::DBPathInUse, status.code());
}
TEST(StorageEngineLockFileTest, OpenNoExistingLockFile) {
Reported by FlawFinder.
Line: 104
Column: 24
CWE codes:
362
TEST(StorageEngineLockFileTest, OpenNoExistingLockFile) {
TempDir tempDir("StorageEngineLockFileTest_OpenNoExistingLockFile");
StorageEngineLockFile lockFile(tempDir.path());
ASSERT_OK(lockFile.open());
lockFile.close();
}
TEST(StorageEngineLockFileTest, OpenEmptyLockFile) {
TempDir tempDir("StorageEngineLockFileTest_OpenEmptyLockFile");
Reported by FlawFinder.
Line: 113
Column: 24
CWE codes:
362
StorageEngineLockFile lockFile(tempDir.path());
std::string filename(lockFile.getFilespec());
std::ofstream(filename.c_str());
ASSERT_OK(lockFile.open());
lockFile.close();
}
TEST(StorageEngineLockFileTest, WritePidFileNotOpened) {
TempDir tempDir("StorageEngineLockFileTest_WritePidFileNotOpened");
Reported by FlawFinder.
Line: 128
Column: 24
CWE codes:
362
TEST(StorageEngineLockFileTest, WritePidFileOpened) {
TempDir tempDir("StorageEngineLockFileTest_WritePidFileOpened");
StorageEngineLockFile lockFile(tempDir.path());
ASSERT_OK(lockFile.open());
ASSERT_OK(lockFile.writePid());
lockFile.close();
// Read PID from lock file.
std::string filename(lockFile.getFilespec());
Reported by FlawFinder.
Line: 151
Column: 24
CWE codes:
362
ASSERT_FALSE(currentPidStr.empty());
ofs << std::string(currentPidStr.size() * 100, 'X') << std::endl;
}
ASSERT_OK(lockFile.open());
ASSERT_OK(lockFile.writePid());
lockFile.close();
// Read PID from lock file.
std::string filename(lockFile.getFilespec());
Reported by FlawFinder.
Line: 170
Column: 24
CWE codes:
362
TEST(StorageEngineLockFileTest, ClearPidAndUnlock) {
TempDir tempDir("StorageEngineLockFileTest_ClearPidAndUnlock");
StorageEngineLockFile lockFile(tempDir.path());
ASSERT_OK(lockFile.open());
ASSERT_OK(lockFile.writePid());
// Clear lock file contents.
lockFile.clearPidAndUnlock();
ASSERT_TRUE(boost::filesystem::exists(lockFile.getFilespec()));
Reported by FlawFinder.
site_scons/site_tools/gziptool.py
13 issues
Line: 23
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
import SCons
import gzip
import shutil
def GZipAction(target, source, env, **kw):
Reported by Pylint.
Line: 28
Column: 1
import shutil
def GZipAction(target, source, env, **kw):
dst_gzip = gzip.GzipFile(str(target[0]), "wb")
with open(str(source[0]), "rb") as src_file:
shutil.copyfileobj(src_file, dst_gzip)
dst_gzip.close()
Reported by Pylint.
Line: 28
Column: 32
import shutil
def GZipAction(target, source, env, **kw):
dst_gzip = gzip.GzipFile(str(target[0]), "wb")
with open(str(source[0]), "rb") as src_file:
shutil.copyfileobj(src_file, dst_gzip)
dst_gzip.close()
Reported by Pylint.
Line: 44
Column: 18
)
def GZipTool(env, target, source, **kwargs):
result = env.__GZIPTOOL(target=target, source=source, **kwargs)
env.AlwaysBuild(result)
return result
env.AddMethod(GZipTool, "GZip")
Reported by Pylint.
Line: 51
Column: 12
env.AddMethod(GZipTool, "GZip")
def exists(env):
return True
Reported by Pylint.
Line: 1
Column: 1
# Copyright 2020 MongoDB Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
Reported by Pylint.
Line: 24
Column: 1
#
import SCons
import gzip
import shutil
def GZipAction(target, source, env, **kw):
dst_gzip = gzip.GzipFile(str(target[0]), "wb")
Reported by Pylint.
Line: 25
Column: 1
import SCons
import gzip
import shutil
def GZipAction(target, source, env, **kw):
dst_gzip = gzip.GzipFile(str(target[0]), "wb")
with open(str(source[0]), "rb") as src_file:
Reported by Pylint.
Line: 28
Column: 1
import shutil
def GZipAction(target, source, env, **kw):
dst_gzip = gzip.GzipFile(str(target[0]), "wb")
with open(str(source[0]), "rb") as src_file:
shutil.copyfileobj(src_file, dst_gzip)
dst_gzip.close()
Reported by Pylint.
Line: 28
Column: 1
import shutil
def GZipAction(target, source, env, **kw):
dst_gzip = gzip.GzipFile(str(target[0]), "wb")
with open(str(source[0]), "rb") as src_file:
shutil.copyfileobj(src_file, dst_gzip)
dst_gzip.close()
Reported by Pylint.
site_scons/site_tools/git_decider.py
13 issues
Line: 23
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
def generate(env, **kwargs):
# Grab the existing decider functions out of the environment
# so we can invoke them when we can't use Git.
base_decider = env.decide_target
if base_decider != env.decide_source:
Reported by Pylint.
Line: 76
Column: 5
Git(env.Dir("#").abspath).ls_files("--stage")
return True
except:
return False
Reported by Pylint.
Line: 1
Column: 1
# Copyright 2020 MongoDB Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
# the following conditions:
Reported by Pylint.
Line: 23
Column: 1
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
def generate(env, **kwargs):
# Grab the existing decider functions out of the environment
# so we can invoke them when we can't use Git.
base_decider = env.decide_target
if base_decider != env.decide_source:
Reported by Pylint.
Line: 31
Column: 5
if base_decider != env.decide_source:
raise Exception("Decider environment seems broken")
from git import Git
thisRepo = Git(env.Dir("#").abspath)
currentGitState = thisRepo.ls_files("--stage")
lines = currentGitState.split("\n")
Reported by Pylint.
Line: 33
Column: 5
from git import Git
thisRepo = Git(env.Dir("#").abspath)
currentGitState = thisRepo.ls_files("--stage")
lines = currentGitState.split("\n")
file_sha1_map = {}
for line in lines:
Reported by Pylint.
Line: 34
Column: 5
from git import Git
thisRepo = Git(env.Dir("#").abspath)
currentGitState = thisRepo.ls_files("--stage")
lines = currentGitState.split("\n")
file_sha1_map = {}
for line in lines:
line_content = line.split()
Reported by Pylint.
Line: 42
Column: 9
line_content = line.split()
file_sha1_map[env.File(line_content[3]).path] = line_content[1]
for m in thisRepo.ls_files("-m").split("\n"):
if m:
del file_sha1_map[env.File(m).path]
def is_known_to_git(dependency):
return str(dependency) in file_sha1_map
Reported by Pylint.
Line: 50
Column: 9
return str(dependency) in file_sha1_map
def git_says_file_is_up_to_date(dependency, prev_ni):
gitInfoForDep = file_sha1_map[str(dependency)]
if prev_ni is None:
dependency.get_ninfo().csig = gitInfoForDep
return False
Reported by Pylint.
Line: 56
Column: 1
dependency.get_ninfo().csig = gitInfoForDep
return False
if not (hasattr(prev_ni, "csig")):
prev_ni.csig = gitInfoForDep
result = gitInfoForDep == prev_ni.csig
return result
Reported by Pylint.
src/third_party/scons-3.1.2/scons-local-3.1.2/SCons/Scanner/Dir.py
12 issues
Line: 67
Column: 16
for skip in skip_entry_list:
skip_entry[skip] = 1
skip_entry[SCons.Node.FS._my_normcase(skip)] = 1
do_not_scan = lambda k: k not in skip_entry
def scan_on_disk(node, env, path=()):
"""
Reported by Pylint.
Line: 90
Column: 26
e('./' + f)
return scan_in_memory(node, env, path)
def scan_in_memory(node, env, path=()):
"""
"Scans" a Node.FS.Dir for its in-memory entries.
"""
try:
entries = node.entries
Reported by Pylint.
Line: 90
Column: 31
e('./' + f)
return scan_in_memory(node, env, path)
def scan_in_memory(node, env, path=()):
"""
"Scans" a Node.FS.Dir for its in-memory entries.
"""
try:
entries = node.entries
Reported by Pylint.
Line: 1
Column: 1
#
# Copyright (c) 2001 - 2019 The SCons Foundation
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
Reported by Pylint.
Line: 1
Column: 1
#
# Copyright (c) 2001 - 2019 The SCons Foundation
#
# Permission is hereby granted, free of charge, to any person obtaining
# a copy of this software and associated documentation files (the
# "Software"), to deal in the Software without restriction, including
# without limitation the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to
Reported by Pylint.
Line: 23
Column: 1
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
__revision__ = "src/engine/SCons/Scanner/Dir.py bee7caf9defd6e108fc2998a2520ddb36a967691 2019-12-17 02:07:09 bdeegan"
import SCons.Node.FS
import SCons.Scanner
def only_dirs(nodes):
Reported by Pylint.
Line: 28
Column: 1
import SCons.Node.FS
import SCons.Scanner
def only_dirs(nodes):
is_Dir = lambda n: isinstance(n.disambiguate(), SCons.Node.FS.Dir)
return [node for node in nodes if is_Dir(node)]
def DirScanner(**kw):
"""Return a prototype Scanner instance for scanning
Reported by Pylint.
Line: 29
Column: 5
import SCons.Scanner
def only_dirs(nodes):
is_Dir = lambda n: isinstance(n.disambiguate(), SCons.Node.FS.Dir)
return [node for node in nodes if is_Dir(node)]
def DirScanner(**kw):
"""Return a prototype Scanner instance for scanning
directories for on-disk files"""
Reported by Pylint.
Line: 32
Column: 1
is_Dir = lambda n: isinstance(n.disambiguate(), SCons.Node.FS.Dir)
return [node for node in nodes if is_Dir(node)]
def DirScanner(**kw):
"""Return a prototype Scanner instance for scanning
directories for on-disk files"""
kw['node_factory'] = SCons.Node.FS.Entry
kw['recursive'] = only_dirs
return SCons.Scanner.Base(scan_on_disk, "DirScanner", **kw)
Reported by Pylint.
Line: 39
Column: 1
kw['recursive'] = only_dirs
return SCons.Scanner.Base(scan_on_disk, "DirScanner", **kw)
def DirEntryScanner(**kw):
"""Return a prototype Scanner instance for "scanning"
directory Nodes for their in-memory entries"""
kw['node_factory'] = SCons.Node.FS.Entry
kw['recursive'] = None
return SCons.Scanner.Base(scan_in_memory, "DirEntryScanner", **kw)
Reported by Pylint.