The following issues were found by static-analysis tools; each finding below names the tool that reported it.
Modules/clinic/_pickle.c.h
6 issues
Line: 368
Column: 13
CWE codes:
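126 (Buffer Over-read)
Triage note: FlawFinder flags strlen() calls by name. The call over-reads only if `encoding` is not NUL-terminated; the excerpt does not show where `encoding` is produced, so confirm termination at that source. The length comparison shown is the check that rejects strings containing an embedded NUL.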
if (encoding == NULL) {
goto exit;
}
if (strlen(encoding) != (size_t)encoding_length) {
PyErr_SetString(PyExc_ValueError, "embedded null character");
goto exit;
}
if (!--noptargs) {
goto skip_optional_kwonly;
Reported by FlawFinder.
Line: 386
Column: 13
CWE codes:
126 (Buffer Over-read)
if (errors == NULL) {
goto exit;
}
if (strlen(errors) != (size_t)errors_length) {
PyErr_SetString(PyExc_ValueError, "embedded null character");
goto exit;
}
if (!--noptargs) {
goto skip_optional_kwonly;
Reported by FlawFinder.
Line: 703
Column: 13
CWE codes:
126 (Buffer Over-read)
if (encoding == NULL) {
goto exit;
}
if (strlen(encoding) != (size_t)encoding_length) {
PyErr_SetString(PyExc_ValueError, "embedded null character");
goto exit;
}
if (!--noptargs) {
goto skip_optional_kwonly;
Reported by FlawFinder.
Line: 721
Column: 13
CWE codes:
126 (Buffer Over-read)
if (errors == NULL) {
goto exit;
}
if (strlen(errors) != (size_t)errors_length) {
PyErr_SetString(PyExc_ValueError, "embedded null character");
goto exit;
}
if (!--noptargs) {
goto skip_optional_kwonly;
Reported by FlawFinder.
Line: 806
Column: 13
CWE codes:
126 (Buffer Over-read)
if (encoding == NULL) {
goto exit;
}
if (strlen(encoding) != (size_t)encoding_length) {
PyErr_SetString(PyExc_ValueError, "embedded null character");
goto exit;
}
if (!--noptargs) {
goto skip_optional_kwonly;
Reported by FlawFinder.
Line: 824
Column: 13
CWE codes:
126 (Buffer Over-read)
if (errors == NULL) {
goto exit;
}
if (strlen(errors) != (size_t)errors_length) {
PyErr_SetString(PyExc_ValueError, "embedded null character");
goto exit;
}
if (!--noptargs) {
goto skip_optional_kwonly;
Reported by FlawFinder.
Misc/coverity_model.c
6 issues
Line: 46
CWE codes:
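908 (Use of Uninitialized Resource)
Triage note: the path Misc/coverity_model.c suggests a Coverity modeling file, where a variable left unassigned usually stands for an arbitrary value rather than a coding error. Confirm that the file is not compiled into the product before treating the findings in this file as defects.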
/* Never returns NULL */
PyObject *p;
assert(p != NULL);
return p;
}
PyObject *PyLong_FromLong(long ival)
{
PyObject *p;
Reported by Cppcheck.
Line: 59
CWE codes:
908 (Use of Uninitialized Resource)
assert(p != NULL);
return p;
}
if (maybe)
return p;
else
return NULL;
}
Reported by Cppcheck.
Line: 92
CWE codes:
908 (Use of Uninitialized Resource)
wchar_t *w;
__coverity_tainted_data_sink__(arg);
__coverity_tainted_data_sink__(size);
return w;
}
/* Python/marshal.c */
static Py_ssize_t r_string(char *s, Py_ssize_t n, RFILE *p)
Reported by Cppcheck.
Line: 119
CWE codes:
908 (Use of Uninitialized Resource)
DIR *fdopendir(int fd)
{
DIR *d;
if (d) {
__coverity_close__(fd);
}
return d;
}
Reported by Cppcheck.
Line: 143
CWE codes:
908 (Use of Uninitialized Resource)
__coverity_tainted_data_sanitize__(ss);
__coverity_tainted_data_sanitize__(dstflag);
return result;
}
static int
ymd_to_ord(int year, int month, int day)
{
Reported by Cppcheck.
Line: 106
Column: 14
CWE codes:
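119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
120 (Buffer Copy without Checking Size of Input)
Triage note: the flagged position appears to be the declaration of the fixed-size array `buffer[4]`. The only write to it visible in the excerpt, r_string(), is passed the same size, 4.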
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static long r_long(RFILE *p)
{
long l;
unsigned char buffer[4];
r_string((char *)buffer, 4, p);
__coverity_tainted_string_sanitize_content__(buffer);
l = (long)buffer;
return l;
Reported by FlawFinder.
Parser/myreadline.c
6 issues
Line: 118
Column: 12
CWE codes:
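119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
120 (Buffer Copy without Checking Size of Input)
Triage note: the flagged position appears to be the declaration of the fixed-size array `wbuf_local`. Whether it can overflow depends on the writes into it, which are outside the excerpt.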
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char *
_PyOS_WindowsConsoleReadline(PyThreadState *tstate, HANDLE hStdIn)
{
static wchar_t wbuf_local[1024 * 16];
const DWORD chunk_size = 1024;
DWORD n_read, total_read, wbuflen, u8len;
wchar_t *wbuf;
char *buf = NULL;
Reported by FlawFinder.
Line: 261
Column: 28
CWE codes:
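120 (Buffer Copy without Checking Size of Input)
Triage note: this MultiByteToWideChar() call passes a NULL destination and a size of 0, so it only returns the required length and writes nothing. The result is then used as the element count of the allocation.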
if (_get_console_type(hStdErr) == 'w') {
wchar_t *wbuf;
int wlen;
wlen = MultiByteToWideChar(CP_UTF8, 0, prompt, -1,
NULL, 0);
if (wlen) {
wbuf = PyMem_RawMalloc(wlen * sizeof(wchar_t));
if (wbuf == NULL) {
PyEval_RestoreThread(tstate);
Reported by FlawFinder.
Line: 271
Column: 32
CWE codes:
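120 (Buffer Copy without Checking Size of Input)
Triage note: the destination size passed here is `wlen`. In the excerpt for Line 261, `wlen` appears to be the length returned by the sizing call and the element count used to allocate `wbuf`.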
PyEval_SaveThread();
return NULL;
}
wlen = MultiByteToWideChar(CP_UTF8, 0, prompt, -1,
wbuf, wlen);
if (wlen) {
DWORD n;
fflush(stderr);
/* wlen includes null terminator, so subtract 1 */
Reported by FlawFinder.
Line: 405
Column: 9
CWE codes:
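120 (Buffer Copy without Checking Size of Input)
Triage note: `res` is allocated with the same `len` that bounds the memcpy(), and the copy runs only when the allocation succeeded, so the destination size matches the copy size in the lines shown.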
Suggestion:
Make sure destination can always hold the source data
len = strlen(rv) + 1;
res = PyMem_Malloc(len);
if (res != NULL) {
memcpy(res, rv, len);
}
else {
PyErr_NoMemory();
}
PyMem_RawFree(rv);
Reported by FlawFinder.
Line: 328
Column: 14
CWE codes:
126 (Buffer Over-read)
p[n] = '\0';
break;
}
n += strlen(p + n);
} while (p[n-1] != '\n');
pr = (char *)PyMem_RawRealloc(p, n+1);
if (pr == NULL) {
PyMem_RawFree(p);
Reported by FlawFinder.
Line: 402
Column: 11
CWE codes:
126 (Buffer Over-read)
if (rv == NULL)
return NULL;
len = strlen(rv) + 1;
res = PyMem_Malloc(len);
if (res != NULL) {
memcpy(res, rv, len);
}
else {
Reported by FlawFinder.
Modules/_sha3/kcp/KeccakP-1600-opt64.c
6 issues
Line: 105
Column: 9
CWE codes:
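120 (Buffer Copy without Checking Size of Input)
Triage note: the destination is the single variable `lane`, so the copy stays in bounds only if `length` does not exceed sizeof lane. The excerpt shows no check on `length`; look for the bound in the callers.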
Suggestion:
Make sure destination can always hold the source data
lane = data[0];
else {
lane = 0;
memcpy(&lane, data, length);
}
lane <<= offset*8;
#else
UINT64 lane = 0;
unsigned int i;
Reported by FlawFinder.
Line: 209
Column: 9
CWE codes:
120 (Buffer Copy without Checking Size of Input)
Suggestion:
Make sure destination can always hold the source data
else
#endif
{
memcpy((unsigned char*)state+lanePosition*8+offset, data, length);
}
#else
#error "Not yet implemented"
#endif
}
Reported by FlawFinder.
Line: 230
Column: 5
CWE codes:
120 (Buffer Copy without Checking Size of Input)
Suggestion:
Make sure destination can always hold the source data
else
((UINT64*)state)[lanePosition] = ((const UINT64*)data)[lanePosition];
#else
memcpy(state, data, laneCount*8);
#endif
#else
#error "Not yet implemented"
#endif
}
Reported by FlawFinder.
Line: 315
Column: 9
CWE codes:
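120 (Buffer Copy without Checking Size of Input)
Triage note: both sides of this copy need a bound. The source is the one-element array `lane1`, so `offset + length` must not exceed sizeof lane1, and `data` must hold `length` bytes. Neither bound is visible in the excerpt.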
Suggestion:
Make sure destination can always hold the source data
{
UINT64 lane1[1];
lane1[0] = lane;
memcpy(data, (UINT8*)lane1+offset, length);
}
#else
unsigned int i;
lane >>= offset*8;
for(i=0; i<length; i++) {
Reported by FlawFinder.
Line: 342
Column: 5
CWE codes:
120 (Buffer Copy without Checking Size of Input)
Suggestion:
Make sure destination can always hold the source data
void KeccakP1600_ExtractLanes(const void *state, unsigned char *data, unsigned int laneCount)
{
#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
memcpy(data, state, laneCount*8);
#else
unsigned int i;
for(i=0; i<laneCount; i++)
fromWordToBytes(data+(i*8), ((const UINT64*)state)[i]);
Reported by FlawFinder.
Line: 411
Column: 14
CWE codes:
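119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)
120 (Buffer Copy without Checking Size of Input)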
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
unsigned int i;
#if (PLATFORM_BYTE_ORDER != IS_LITTLE_ENDIAN)
unsigned char temp[8];
unsigned int j;
#endif
for(i=0; i<laneCount; i++) {
#if (PLATFORM_BYTE_ORDER == IS_LITTLE_ENDIAN)
Reported by FlawFinder.
Tools/c-analyzer/c_common/iterutil.py
6 issues
Line: 24
Column: 19
if onempty is None:
return
if not callable(onempty):
raise onEmpty
items = onempty(items)
yield from iter_many(items, onempty=None)
return
items = iter(items)
try:
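Reported by Pylint. The report omits Pylint's message. The flagged position appears to be `onEmpty` in `raise onEmpty`, a name that differs in case from the `onempty` parameter and is not defined in any excerpt of this file shown here; the Line 35 findings point at the second occurrence of the same statement.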
Line: 35
Column: 19
if onempty is None:
return
if not callable(onempty):
raise onEmpty
items = onempty(items)
yield from iter_many(items, onempty=None)
else:
try:
second = next(items)
Reported by Pylint.
Line: 35
Column: 13
if onempty is None:
return
if not callable(onempty):
raise onEmpty
items = onempty(items)
yield from iter_many(items, onempty=None)
else:
try:
second = next(items)
Reported by Pylint.
Line: 1
Column: 1
_NOT_SET = object()
def peek_and_iter(items):
if not items:
return None, None
items = iter(items)
try:
Reported by Pylint.
Line: 5
Column: 1
_NOT_SET = object()
def peek_and_iter(items):
if not items:
return None, None
items = iter(items)
try:
peeked = next(items)
Reported by Pylint.
Line: 19
Column: 1
return chain(), peeked
def iter_many(items, onempty=None):
if not items:
if onempty is None:
return
if not callable(onempty):
raise onEmpty
Reported by Pylint.
Lib/test/re_tests.py
6 issues
Line: 1
Column: 1
#!/usr/bin/env python3
# -*- mode: python -*-
# Re test suite and benchmark suite v1.5
# The 3 possible outcomes for each pattern
[SUCCEED, FAIL, SYNTAX_ERROR] = range(3)
# Benchmark suite (needs expansion)
Reported by Pylint.
Line: 77
Column: 1
('[\\1]', '\1', SUCCEED, 'found', '\1'), # Character
('\\09', chr(0) + '9', SUCCEED, 'found', chr(0) + '9'),
('\\141', 'a', SUCCEED, 'found', 'a'),
('(a)(b)(c)(d)(e)(f)(g)(h)(i)(j)(k)(l)\\119', 'abcdefghijklk9', SUCCEED, 'found+"-"+g11', 'abcdefghijklk9-k'),
# Test \0 is handled everywhere
(r'\0', '\0', SUCCEED, 'found', '\0'),
(r'[\0a]', '\0', SUCCEED, 'found', '\0'),
(r'[a\0]', '\0', SUCCEED, 'found', '\0'),
Reported by Pylint.
Line: 256
Column: 1
('(a)(b)c|ab', 'ab', SUCCEED, 'found+"-"+g1+"-"+g2', 'ab-None-None'),
('(a)+x', 'aaax', SUCCEED, 'found+"-"+g1', 'aaax-a'),
('([ac])+x', 'aacx', SUCCEED, 'found+"-"+g1', 'aacx-c'),
('([^/]*/)*sub1/', 'd:msgs/tdir/sub1/trial/away.cpp', SUCCEED, 'found+"-"+g1', 'd:msgs/tdir/sub1/-tdir/'),
('([^.]*)\\.([^:]*):[T ]+(.*)', 'track1.title:TBlah blah blah', SUCCEED, 'found+"-"+g1+"-"+g2+"-"+g3', 'track1.title:TBlah blah blah-track1-title-Blah blah blah'),
('([^N]*N)+', 'abNNxyzN', SUCCEED, 'found+"-"+g1', 'abNNxyzN-xyzN'),
('([^N]*N)+', 'abNNxyz', SUCCEED, 'found+"-"+g1', 'abNN-N'),
('([abc]*)x', 'abcx', SUCCEED, 'found+"-"+g1', 'abcx-abc'),
('([abc]*)x', 'abc', FAIL),
Reported by Pylint.
Line: 257
Column: 1
('(a)+x', 'aaax', SUCCEED, 'found+"-"+g1', 'aaax-a'),
('([ac])+x', 'aacx', SUCCEED, 'found+"-"+g1', 'aacx-c'),
('([^/]*/)*sub1/', 'd:msgs/tdir/sub1/trial/away.cpp', SUCCEED, 'found+"-"+g1', 'd:msgs/tdir/sub1/-tdir/'),
('([^.]*)\\.([^:]*):[T ]+(.*)', 'track1.title:TBlah blah blah', SUCCEED, 'found+"-"+g1+"-"+g2+"-"+g3', 'track1.title:TBlah blah blah-track1-title-Blah blah blah'),
('([^N]*N)+', 'abNNxyzN', SUCCEED, 'found+"-"+g1', 'abNNxyzN-xyzN'),
('([^N]*N)+', 'abNNxyz', SUCCEED, 'found+"-"+g1', 'abNN-N'),
('([abc]*)x', 'abcx', SUCCEED, 'found+"-"+g1', 'abcx-abc'),
('([abc]*)x', 'abc', FAIL),
('([xyz]*)x', 'abcx', SUCCEED, 'found+"-"+g1', 'x-'),
Reported by Pylint.
Line: 506
Column: 1
# (r'\x00ff', '\377', SUCCEED, 'found', chr(255)),
(r'\t\n\v\r\f\a', '\t\n\v\r\f\a', SUCCEED, 'found', '\t\n\v\r\f\a'),
('\t\n\v\r\f\a', '\t\n\v\r\f\a', SUCCEED, 'found', '\t\n\v\r\f\a'),
(r'\t\n\v\r\f\a', '\t\n\v\r\f\a', SUCCEED, 'found', chr(9)+chr(10)+chr(11)+chr(13)+chr(12)+chr(7)),
(r'[\t][\n][\v][\r][\f][\b]', '\t\n\v\r\f\b', SUCCEED, 'found', '\t\n\v\r\f\b'),
#
# post-1.5.2 additions
Reported by Pylint.
Line: 558
Column: 1
('^([ab]*?)(?<!(a))c', 'abc', SUCCEED, 'g1+"-"+g2', 'ab-None'),
]
u = '\N{LATIN CAPITAL LETTER A WITH DIAERESIS}'
tests.extend([
# bug 410271: \b broken under locales
(r'\b.\b', 'a', SUCCEED, 'found', 'a'),
(r'(?u)\b.\b', u, SUCCEED, 'found', u),
(r'(?u)\w', u, SUCCEED, 'found', u),
Reported by Pylint.
Lib/test/test_importlib/stubs.py
6 issues
Line: 1
Column: 1
import unittest
class fake_filesystem_unittest:
"""
Stubbed version of the pyfakefs module
"""
class TestCase(unittest.TestCase):
def setUpPyfakefs(self):
Reported by Pylint.
Line: 4
Column: 1
import unittest
class fake_filesystem_unittest:
"""
Stubbed version of the pyfakefs module
"""
class TestCase(unittest.TestCase):
def setUpPyfakefs(self):
Reported by Pylint.
Line: 4
Column: 1
import unittest
class fake_filesystem_unittest:
"""
Stubbed version of the pyfakefs module
"""
class TestCase(unittest.TestCase):
def setUpPyfakefs(self):
Reported by Pylint.
Line: 8
Column: 5
"""
Stubbed version of the pyfakefs module
"""
class TestCase(unittest.TestCase):
def setUpPyfakefs(self):
self.skipTest("pyfakefs not available")
Reported by Pylint.
Line: 9
Column: 9
Stubbed version of the pyfakefs module
"""
class TestCase(unittest.TestCase):
def setUpPyfakefs(self):
self.skipTest("pyfakefs not available")
Reported by Pylint.
Line: 9
Column: 9
Stubbed version of the pyfakefs module
"""
class TestCase(unittest.TestCase):
def setUpPyfakefs(self):
self.skipTest("pyfakefs not available")
Reported by Pylint.
Lib/test/badsyntax_future9.py
6 issues
Line: 3
Column: 1
"""This is a test"""
from __future__ import nested_scopes, braces
def f(x):
def g(y):
return x + y
return g
Reported by Pylint.
Line: 5
Column: 1
from __future__ import nested_scopes, braces
def f(x):
def g(y):
return x + y
return g
print(f(2)(4))
Reported by Pylint.
Line: 5
Column: 1
from __future__ import nested_scopes, braces
def f(x):
def g(y):
return x + y
return g
print(f(2)(4))
Reported by Pylint.
Line: 5
Column: 1
from __future__ import nested_scopes, braces
def f(x):
def g(y):
return x + y
return g
print(f(2)(4))
Reported by Pylint.
Line: 6
Column: 5
from __future__ import nested_scopes, braces
def f(x):
def g(y):
return x + y
return g
print(f(2)(4))
Reported by Pylint.
Line: 6
Column: 5
from __future__ import nested_scopes, braces
def f(x):
def g(y):
return x + y
return g
print(f(2)(4))
Reported by Pylint.
Lib/test/test_metaclass.py
6 issues
Line: 1
Column: 1
doctests = """
Basic class construction.
>>> class C:
... def meth(self): print("Hello")
...
>>> C.__class__ is type
True
Reported by Pylint.
Line: 1
Column: 1
doctests = """
Basic class construction.
>>> class C:
... def meth(self): print("Hello")
...
>>> C.__class__ is type
True
Reported by Pylint.
Line: 251
Column: 1
"""
import sys
# Trace function introduces __locals__ which causes various tests to fail.
if hasattr(sys, 'gettrace') and sys.gettrace():
__test__ = {}
else:
Reported by Pylint.
Line: 259
Column: 1
else:
__test__ = {'doctests' : doctests}
def test_main(verbose=False):
from test import support
from test import test_metaclass
support.run_doctest(test_metaclass, verbose)
if __name__ == "__main__":
Reported by Pylint.
Line: 260
Column: 5
__test__ = {'doctests' : doctests}
def test_main(verbose=False):
from test import support
from test import test_metaclass
support.run_doctest(test_metaclass, verbose)
if __name__ == "__main__":
test_main(verbose=True)
Reported by Pylint.
Line: 261
Column: 5
def test_main(verbose=False):
from test import support
from test import test_metaclass
support.run_doctest(test_metaclass, verbose)
if __name__ == "__main__":
test_main(verbose=True)
Reported by Pylint.
Lib/test/test_errno.py
6 issues
Line: 10
Column: 1
std_c_errors = frozenset(['EDOM', 'ERANGE'])
class ErrnoAttributeTests(unittest.TestCase):
def test_for_improper_attributes(self):
# No unexpected attributes should be on the module.
for error_code in std_c_errors:
self.assertTrue(hasattr(errno, error_code),
Reported by Pylint.
Line: 12
Column: 5
class ErrnoAttributeTests(unittest.TestCase):
def test_for_improper_attributes(self):
# No unexpected attributes should be on the module.
for error_code in std_c_errors:
self.assertTrue(hasattr(errno, error_code),
"errno is missing %s" % error_code)
Reported by Pylint.
Line: 18
Column: 5
self.assertTrue(hasattr(errno, error_code),
"errno is missing %s" % error_code)
def test_using_errorcode(self):
# Every key value in errno.errorcode should be on the module.
for value in errno.errorcode.values():
self.assertTrue(hasattr(errno, value),
'no %s attr in errno' % value)
Reported by Pylint.
Line: 25
Column: 1
'no %s attr in errno' % value)
class ErrorcodeTests(unittest.TestCase):
def test_attributes_in_errorcode(self):
for attribute in errno.__dict__.keys():
if attribute.isupper():
self.assertIn(getattr(errno, attribute), errno.errorcode,
Reported by Pylint.
Line: 27
Column: 5
class ErrorcodeTests(unittest.TestCase):
def test_attributes_in_errorcode(self):
for attribute in errno.__dict__.keys():
if attribute.isupper():
self.assertIn(getattr(errno, attribute), errno.errorcode,
'no %s attr in errno.errorcode' % attribute)
Reported by Pylint.
Line: 28
Column: 26
class ErrorcodeTests(unittest.TestCase):
def test_attributes_in_errorcode(self):
for attribute in errno.__dict__.keys():
if attribute.isupper():
self.assertIn(getattr(errno, attribute), errno.errorcode,
'no %s attr in errno.errorcode' % attribute)
Reported by Pylint.