The following issues were found
Modules/_sqlite/connection.c
2 issues
Line: 1646
/* Callback failed: abort backup and bail. */
Py_BEGIN_ALLOW_THREADS
sqlite3_backup_finish(bck_handle);
Py_END_ALLOW_THREADS
return NULL;
}
Py_DECREF(res);
}
Reported by Cppcheck.
Line: 994
Column: 13
CWE codes:
126 (buffer over-read)
gilstate = PyGILState_Ensure();
py_statement = PyUnicode_DecodeUTF8(statement_string,
strlen(statement_string), "replace");
if (py_statement) {
ret = PyObject_CallOneArg((PyObject*)user_arg, py_statement);
Py_DECREF(py_statement);
}
Reported by FlawFinder.
Lib/test/test_zoneinfo/__init__.py
2 issues
Line: 1
Column: 1
from .test_zoneinfo import *
Reported by Pylint.
Line: 1
Column: 1
from .test_zoneinfo import *
Reported by Pylint.
Modules/_scproxy.c
2 issues
Line: 25
Column: 28
CWE codes:
126
s = CFStringGetCStringPtr(ref, kCFStringEncodingUTF8);
if (s) {
return PyUnicode_DecodeUTF8(
s, strlen(s), NULL);
} else {
CFIndex len = CFStringGetLength(ref);
Boolean ok;
PyObject* result;
Reported by FlawFinder.
Line: 47
Column: 34
CWE codes:
126
return NULL;
} else {
result = PyUnicode_DecodeUTF8(
buf, strlen(buf), NULL);
PyMem_Free(buf);
}
return result;
}
}
Reported by FlawFinder.
Lib/test/test_xxtestfuzz.py
2 issues
Line: 1
Column: 1
import faulthandler
from test.support import import_helper
import unittest
_xxtestfuzz = import_helper.import_module('_xxtestfuzz')
class TestFuzzer(unittest.TestCase):
"""To keep our https://github.com/google/oss-fuzz API working."""
Reported by Pylint.
Line: 11
Column: 5
class TestFuzzer(unittest.TestCase):
"""To keep our https://github.com/google/oss-fuzz API working."""
def test_sample_input_smoke_test(self):
"""This is only a regression test: Check that it doesn't crash."""
_xxtestfuzz.run(b"")
_xxtestfuzz.run(b"\0")
_xxtestfuzz.run(b"{")
_xxtestfuzz.run(b" ")
Reported by Pylint.
Modules/_lzmamodule.c
2 issues
Line: 1028
Column: 9
CWE codes:
120 (buffer copy without checking size of input)
Suggestion:
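Make sure destination can always hold the source data. For the memcpy below, that means at least `lzs->avail_in + len` bytes must be available starting at `lzs->next_in`; the excerpt does not show where that is established, so check the code above it.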
lzs->avail_in);
lzs->next_in = d->input_buffer;
}
memcpy((void*)(lzs->next_in + lzs->avail_in), data, len);
lzs->avail_in += len;
input_buffer_in_use = 1;
}
else {
lzs->next_in = data;
Reported by FlawFinder.
Line: 1097
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
/* Copy tail */
memcpy(d->input_buffer, lzs->next_in, lzs->avail_in);
lzs->next_in = d->input_buffer;
}
}
return result;
Reported by FlawFinder.
Modules/_io/iobase.c
2 issues
Line: 626
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
Py_DECREF(b);
goto fail;
}
memcpy(PyByteArray_AS_STRING(buffer) + old_size,
PyBytes_AS_STRING(b), PyBytes_GET_SIZE(b));
Py_DECREF(b);
if (PyByteArray_AS_STRING(buffer)[PyByteArray_GET_SIZE(buffer) - 1] == '\n')
Reported by FlawFinder.
Line: 73
Column: 16
CWE codes:
120
20 (improper input validation)
by whatever subclass. */
_Py_IDENTIFIER(__IOBase_closed);
_Py_IDENTIFIER(read);
/* Internal methods */
static PyObject *
iobase_unsupported(const char *message)
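Reported by FlawFinder. If line 73 is `_Py_IDENTIFIER(read);`, column 16 is the `read` token passed to a macro rather than a visible call to read(), so this looks like a name-match hit to confirm before triage.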
Modules/_io/fileio.c
2 issues
Line: 1132
_Py_BEGIN_SUPPRESS_IPH
res = isatty(self->fd);
_Py_END_SUPPRESS_IPH
Py_END_ALLOW_THREADS
return PyBool_FromLong(res);
}
#include "clinic/fileio.c.h"
Reported by Cppcheck.
Line: 386
Column: 28
CWE codes:
362 (race condition)
#ifdef MS_WINDOWS
self->fd = _wopen(widename, flags, 0666);
#else
self->fd = open(name, flags, 0666);
#endif
Py_END_ALLOW_THREADS
} while (self->fd < 0 && errno == EINTR &&
!(async_err = PyErr_CheckSignals()));
Reported by FlawFinder.
Modules/_blake2/impl/blake2-impl.h
2 issues
Line: 68
Column: 3
CWE codes:
120
Suggestion:
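Make sure destination can always hold the source data. The copy length here is the fixed `sizeof( w )`, so what remains to verify is that every caller of store32 passes a `dst` with at least that many bytes.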
static inline void store32( void *dst, uint32_t w )
{
#if defined(NATIVE_LITTLE_ENDIAN)
memcpy( dst, &w, sizeof( w ) );
#else
uint8_t *p = ( uint8_t * )dst;
*p++ = ( uint8_t )w; w >>= 8;
*p++ = ( uint8_t )w; w >>= 8;
*p++ = ( uint8_t )w; w >>= 8;
Reported by FlawFinder.
Line: 81
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static inline void store64( void *dst, uint64_t w )
{
#if defined(NATIVE_LITTLE_ENDIAN)
memcpy( dst, &w, sizeof( w ) );
#else
uint8_t *p = ( uint8_t * )dst;
*p++ = ( uint8_t )w; w >>= 8;
*p++ = ( uint8_t )w; w >>= 8;
*p++ = ( uint8_t )w; w >>= 8;
Reported by FlawFinder.
Modules/_io/clinic/textio.c.h
2 issues
Line: 216
Column: 17
CWE codes:
126
if (encoding == NULL) {
goto exit;
}
if (strlen(encoding) != (size_t)encoding_length) {
PyErr_SetString(PyExc_ValueError, "embedded null character");
goto exit;
}
}
else {
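Reported by FlawFinder. Note that this strlen() is the comparison that rejects embedded null characters; the over-read concern applies only if `encoding` might not be NUL-terminated, which the excerpt does not show.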
Line: 245
Column: 17
CWE codes:
126
if (newline == NULL) {
goto exit;
}
if (strlen(newline) != (size_t)newline_length) {
PyErr_SetString(PyExc_ValueError, "embedded null character");
goto exit;
}
}
else {
Reported by FlawFinder.
Modules/_gdbmmodule.c
2 issues
Line: 650
Column: 9
CWE codes:
119 (improper restriction of operations within the bounds of a memory buffer)
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return NULL;
}
for (flags++; *flags != '\0'; flags++) {
char buf[40];
switch (*flags) {
#ifdef GDBM_FAST
case 'f':
iflags |= GDBM_FAST;
break;
Reported by FlawFinder.
Line: 680
Column: 9
CWE codes:
126
return NULL;
}
const char *name = PyBytes_AS_STRING(filenamebytes);
if (strlen(name) != (size_t)PyBytes_GET_SIZE(filenamebytes)) {
Py_DECREF(filenamebytes);
PyErr_SetString(PyExc_ValueError, "embedded null character");
return NULL;
}
PyObject *self = newgdbmobject(state, name, iflags, mode);
Reported by FlawFinder.