The following issues were found
src/leveldb/db/log_test.cc
2 issues
Line: 263
int LogTest::num_initial_offset_records_ =
sizeof(LogTest::initial_offset_last_record_offsets_) / sizeof(uint64_t);
TEST(LogTest, Empty) { ASSERT_EQ("EOF", Read()); }
TEST(LogTest, ReadWrite) {
Write("foo");
Write("bar");
Write("");
Reported by Cppcheck.
Line: 29
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
// Construct a string from a number
static std::string NumberString(int n) {
char buf[50];
snprintf(buf, sizeof(buf), "%d.", n);
return std::string(buf);
}
// Return a skewed potentially long string
Reported by FlawFinder.
src/script/keyorigin.h
2 issues
Line: 13
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct KeyOriginInfo
{
unsigned char fingerprint[4]; //!< First 32 bits of the Hash160 of the public key at the root of the path
std::vector<uint32_t> path;
friend bool operator==(const KeyOriginInfo& a, const KeyOriginInfo& b)
{
return std::equal(std::begin(a.fingerprint), std::end(a.fingerprint), std::begin(b.fingerprint)) && a.path == b.path;
Reported by FlawFinder.
Line: 18
Column: 21
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
friend bool operator==(const KeyOriginInfo& a, const KeyOriginInfo& b)
{
return std::equal(std::begin(a.fingerprint), std::end(a.fingerprint), std::begin(b.fingerprint)) && a.path == b.path;
}
SERIALIZE_METHODS(KeyOriginInfo, obj) { READWRITE(obj.fingerprint, obj.path); }
void clear()
Reported by FlawFinder.
src/bench/chacha_poly_aead.cpp
2 issues
Line: 19
Column: 23
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static constexpr uint64_t BUFFER_SIZE_SMALL = 256;
static constexpr uint64_t BUFFER_SIZE_LARGE = 1024 * 1024;
static const unsigned char k1[32] = {0};
static const unsigned char k2[32] = {0};
static ChaCha20Poly1305AEAD aead(k1, 32, k2, 32);
static void CHACHA20_POLY1305_AEAD(benchmark::Bench& bench, size_t buffersize, bool include_decryption)
Reported by FlawFinder.
Line: 20
Column: 23
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static constexpr uint64_t BUFFER_SIZE_LARGE = 1024 * 1024;
static const unsigned char k1[32] = {0};
static const unsigned char k2[32] = {0};
static ChaCha20Poly1305AEAD aead(k1, 32, k2, 32);
static void CHACHA20_POLY1305_AEAD(benchmark::Bench& bench, size_t buffersize, bool include_decryption)
{
Reported by FlawFinder.
src/flatfile.cpp
2 issues
Line: 40
Column: 28
CWE codes:
362
}
fs::path path = FileName(pos);
fs::create_directories(path.parent_path());
FILE* file = fsbridge::fopen(path, read_only ? "rb": "rb+");
if (!file && !read_only)
file = fsbridge::fopen(path, "wb+");
if (!file) {
LogPrintf("Unable to open file %s\n", path.string());
return nullptr;
Reported by FlawFinder.
Line: 42
Column: 26
CWE codes:
362
fs::create_directories(path.parent_path());
FILE* file = fsbridge::fopen(path, read_only ? "rb": "rb+");
if (!file && !read_only)
file = fsbridge::fopen(path, "wb+");
if (!file) {
LogPrintf("Unable to open file %s\n", path.string());
return nullptr;
}
if (pos.nPos && fseek(file, pos.nPos, SEEK_SET)) {
Reported by FlawFinder.
src/script/bitcoinconsensus.cpp
2 issues
Line: 36
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (m_data == nullptr)
throw std::ios_base::failure(std::string(__func__) + ": bad source buffer");
memcpy(pch, m_data, nSize);
m_remaining -= nSize;
m_data += nSize;
}
template<typename T>
Reported by FlawFinder.
Line: 25
Column: 10
CWE codes:
120
20
m_remaining(txToLen)
{}
void read(char* pch, size_t nSize)
{
if (nSize > m_remaining)
throw std::ios_base::failure(std::string(__func__) + ": end of data");
if (pch == nullptr)
Reported by FlawFinder.
test/functional/rpc_deprecated.py
2 issues
Line: 8
Column: 1
"""Test deprecation of RPC calls."""
from test_framework.test_framework import BitcoinTestFramework
class DeprecatedRpcTest(BitcoinTestFramework):
def set_test_params(self):
self.num_nodes = 2
self.setup_clean_chain = True
self.extra_args = [[], ['-deprecatedrpc=bumpfee']]
Reported by Pylint.
Line: 23
Column: 1
#
# In run_test:
# self.log.info("Test generate RPC")
# assert_raises_rpc_error(-32, 'The wallet generate rpc method is deprecated', self.nodes[0].rpc.generate, 1)
# self.nodes[1].generate(1)
self.log.info("No tested deprecated RPC methods")
if __name__ == '__main__':
Reported by Pylint.
src/dbwrapper.cpp
2 issues
Line: 45
Column: 26
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list backup_ap;
va_copy(backup_ap, ap);
// Do not use vsnprintf elsewhere in bitcoin source code, see above.
p += vsnprintf(p, limit - p, format, backup_ap);
va_end(backup_ap);
}
// Truncate to available space if necessary
if (p >= limit) {
Reported by FlawFinder.
Line: 25
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!LogAcceptCategory(BCLog::LEVELDB)) {
return;
}
char buffer[500];
for (int iter = 0; iter < 2; iter++) {
char* base;
int bufsize;
if (iter == 0) {
bufsize = sizeof(buffer);
Reported by FlawFinder.
src/crypto/sha512.h
2 issues
Line: 16
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
private:
uint64_t s[8];
unsigned char buf[128];
uint64_t bytes;
public:
static constexpr size_t OUTPUT_SIZE = 64;
Reported by FlawFinder.
Line: 24
Column: 28
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
CSHA512();
CSHA512& Write(const unsigned char* data, size_t len);
void Finalize(unsigned char hash[OUTPUT_SIZE]);
CSHA512& Reset();
uint64_t Size() const { return bytes; }
};
#endif // BITCOIN_CRYPTO_SHA512_H
Reported by FlawFinder.
src/leveldb/db/c.cc
2 issues
Line: 161
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static char* CopyString(const std::string& str) {
char* result = reinterpret_cast<char*>(malloc(sizeof(char) * str.size()));
memcpy(result, str.data(), sizeof(char) * str.size());
return result;
}
leveldb_t* leveldb_open(const leveldb_options_t* options, const char* name,
char** errptr) {
Reported by FlawFinder.
Line: 551
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
char* buffer = static_cast<char*>(malloc(result.size() + 1));
memcpy(buffer, result.data(), result.size());
buffer[result.size()] = '\0';
return buffer;
}
void leveldb_free(void* ptr) { free(ptr); }
Reported by FlawFinder.
src/qt/android/src/org/bitcoincore/qt/BitcoinQtActivity.java
2 issues
Line: 16
@Override
public void onCreate(Bundle savedInstanceState)
{
final File bitcoinDir = new File(getFilesDir().getAbsolutePath() + "/.bitcoin");
if (!bitcoinDir.exists()) {
bitcoinDir.mkdir();
}
try {
Reported by PMD.
Line: 24
try {
Os.setenv("QT_QPA_PLATFORM", "android", true);
} catch (ErrnoException e) {
e.printStackTrace();
}
super.onCreate(savedInstanceState);
}
}
Reported by PMD.