The following issues were found
src/google/protobuf/stubs/port.h
6 issues
Line: 199
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
#else
inline uint16 GOOGLE_UNALIGNED_LOAD16(const void *p) {
uint16 t;
memcpy(&t, p, sizeof t);
return t;
}
inline uint32 GOOGLE_UNALIGNED_LOAD32(const void *p) {
uint32 t;
Reported by FlawFinder.
Line: 205
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline uint32 GOOGLE_UNALIGNED_LOAD32(const void *p) {
uint32 t;
memcpy(&t, p, sizeof t);
return t;
}
inline uint64 GOOGLE_UNALIGNED_LOAD64(const void *p) {
uint64 t;
Reported by FlawFinder.
Line: 211
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline uint64 GOOGLE_UNALIGNED_LOAD64(const void *p) {
uint64 t;
memcpy(&t, p, sizeof t);
return t;
}
inline void GOOGLE_UNALIGNED_STORE16(void *p, uint16 v) {
memcpy(p, &v, sizeof v);
Reported by FlawFinder.
Line: 216
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
inline void GOOGLE_UNALIGNED_STORE16(void *p, uint16 v) {
memcpy(p, &v, sizeof v);
}
inline void GOOGLE_UNALIGNED_STORE32(void *p, uint32 v) {
memcpy(p, &v, sizeof v);
}
Reported by FlawFinder.
Line: 220
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
inline void GOOGLE_UNALIGNED_STORE32(void *p, uint32 v) {
memcpy(p, &v, sizeof v);
}
inline void GOOGLE_UNALIGNED_STORE64(void *p, uint64 v) {
memcpy(p, &v, sizeof v);
}
Reported by FlawFinder.
Line: 224
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
inline void GOOGLE_UNALIGNED_STORE64(void *p, uint64 v) {
memcpy(p, &v, sizeof v);
}
#endif
#if defined(GOOGLE_PROTOBUF_OS_NACL) \
|| (defined(__ANDROID__) && defined(__clang__) \
Reported by FlawFinder.
src/google/protobuf/compiler/java/java_service.cc
6 issues
Line: 92
Column: 16
CWE codes:
120
" return $file$.getDescriptor().getServices().get($index$);\n"
"}\n",
"file", name_resolver_->GetImmutableClassName(descriptor_->file()),
"index", StrCat(descriptor_->index()));
GenerateGetDescriptorForType(printer);
// Generate more stuff.
GenerateCallMethod(printer);
GenerateGetPrototype(REQUEST, printer);
Reported by FlawFinder.
Line: 212
Column: 21
CWE codes:
120
for (int i = 0; i < descriptor_->method_count(); i++) {
const MethodDescriptor* method = descriptor_->method(i);
std::map<std::string, std::string> vars;
vars["index"] = StrCat(i);
vars["method"] = UnderscoresToCamelCase(method);
vars["input"] = name_resolver_->GetImmutableClassName(method->input_type());
vars["output"] = GetOutput(method);
printer->Print(
vars,
Reported by FlawFinder.
Line: 259
Column: 21
CWE codes:
120
for (int i = 0; i < descriptor_->method_count(); i++) {
const MethodDescriptor* method = descriptor_->method(i);
std::map<std::string, std::string> vars;
vars["index"] = StrCat(i);
vars["method"] = UnderscoresToCamelCase(method);
vars["input"] = name_resolver_->GetImmutableClassName(method->input_type());
vars["output"] = GetOutput(method);
printer->Print(vars,
"case $index$:\n"
Reported by FlawFinder.
Line: 304
Column: 21
CWE codes:
120
for (int i = 0; i < descriptor_->method_count(); i++) {
const MethodDescriptor* method = descriptor_->method(i);
std::map<std::string, std::string> vars;
vars["index"] = StrCat(i);
vars["type"] =
(which == REQUEST)
? name_resolver_->GetImmutableClassName(method->input_type())
: GetOutput(method);
printer->Print(vars,
Reported by FlawFinder.
Line: 359
Column: 21
CWE codes:
120
printer->Indent();
std::map<std::string, std::string> vars;
vars["index"] = StrCat(i);
vars["output"] = GetOutput(method);
printer->Print(vars,
"channel.callMethod(\n"
" getDescriptor().getMethods().get($index$),\n"
" controller,\n"
Reported by FlawFinder.
Line: 423
Column: 21
CWE codes:
120
printer->Indent();
std::map<std::string, std::string> vars;
vars["index"] = StrCat(i);
vars["output"] = GetOutput(method);
printer->Print(vars,
"return ($output$) channel.callBlockingMethod(\n"
" getDescriptor().getMethods().get($index$),\n"
" controller,\n"
Reported by FlawFinder.
java/core/src/main/java/com/google/protobuf/Protobuf.java
6 issues
Line: 47
final class Protobuf {
private static final Protobuf INSTANCE = new Protobuf();
private final SchemaFactory schemaFactory;
// TODO(nathanmittler): Consider using ClassValue instead.
private final ConcurrentMap<Class<?>, Schema<?>> schemaCache =
new ConcurrentHashMap<Class<?>, Schema<?>>();
Reported by PMD.
Line: 50
private final SchemaFactory schemaFactory;
// TODO(nathanmittler): Consider using ClassValue instead.
private final ConcurrentMap<Class<?>, Schema<?>> schemaCache =
new ConcurrentHashMap<Class<?>, Schema<?>>();
/** Gets the singleton instance of the Protobuf runtime. */
public static Protobuf getInstance() {
return INSTANCE;
Reported by PMD.
Line: 60
/** Writes the given message to the target {@link Writer}. */
public <T> void writeTo(T message, Writer writer) throws IOException {
schemaFor(message).writeTo(message, writer);
}
/** Reads fields from the given {@link Reader} and merges them into the message. */
public <T> void mergeFrom(T message, Reader reader) throws IOException {
mergeFrom(message, reader, ExtensionRegistryLite.getEmptyRegistry());
Reported by PMD.
Line: 71
/** Reads fields from the given {@link Reader} and merges them into the message. */
public <T> void mergeFrom(T message, Reader reader, ExtensionRegistryLite extensionRegistry)
throws IOException {
schemaFor(message).mergeFrom(message, reader, extensionRegistry);
}
/** Marks repeated/map/extension/unknown fields as immutable. */
public <T> void makeImmutable(T message) {
schemaFor(message).makeImmutable(message);
Reported by PMD.
Line: 76
/** Marks repeated/map/extension/unknown fields as immutable. */
public <T> void makeImmutable(T message) {
schemaFor(message).makeImmutable(message);
}
/** Checks if all required fields are set. */
<T> boolean isInitialized(T message) {
return schemaFor(message).isInitialized(message);
Reported by PMD.
Line: 81
/** Checks if all required fields are set. */
<T> boolean isInitialized(T message) {
return schemaFor(message).isInitialized(message);
}
/** Gets the schema for the given message type. */
public <T> Schema<T> schemaFor(Class<T> messageType) {
checkNotNull(messageType, "messageType");
Reported by PMD.
java/core/src/main/java/com/google/protobuf/FloatArrayList.java
6 issues
Line: 46
* @author dweis@google.com (Daniel Weis)
*/
final class FloatArrayList extends AbstractProtobufList<Float>
implements FloatList, RandomAccess, PrimitiveNonBoxingCollection {
private static final FloatArrayList EMPTY_LIST = new FloatArrayList(new float[0], 0);
static {
EMPTY_LIST.makeImmutable();
}
Reported by PMD.
Line: 58
}
/** The backing store for the list. */
private float[] array;
/**
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
Reported by PMD.
Line: 64
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
private int size;
/** Constructs a new mutable {@code FloatArrayList} with default capacity. */
FloatArrayList() {
this(new float[DEFAULT_CAPACITY], 0);
}
Reported by PMD.
Line: 64
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
private int size;
/** Constructs a new mutable {@code FloatArrayList} with default capacity. */
FloatArrayList() {
this(new float[DEFAULT_CAPACITY], 0);
}
Reported by PMD.
Line: 104
return false;
}
final float[] arr = other.array;
for (int i = 0; i < size; i++) {
if (Float.floatToIntBits(array[i]) != Float.floatToIntBits(arr[i])) {
return false;
}
}
Reported by PMD.
Line: 147
if (!(element instanceof Float)) {
return -1;
}
float unboxedElement = (Float) element;
int numElems = size();
for (int i = 0; i < numElems; i++) {
if (array[i] == unboxedElement) {
return i;
}
Reported by PMD.
java/core/src/main/java/com/google/protobuf/BooleanArrayList.java
6 issues
Line: 46
* @author dweis@google.com (Daniel Weis)
*/
final class BooleanArrayList extends AbstractProtobufList<Boolean>
implements BooleanList, RandomAccess, PrimitiveNonBoxingCollection {
private static final BooleanArrayList EMPTY_LIST = new BooleanArrayList(new boolean[0], 0);
static {
EMPTY_LIST.makeImmutable();
}
Reported by PMD.
Line: 58
}
/** The backing store for the list. */
private boolean[] array;
/**
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
Reported by PMD.
Line: 64
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
private int size;
/** Constructs a new mutable {@code BooleanArrayList} with default capacity. */
BooleanArrayList() {
this(new boolean[DEFAULT_CAPACITY], 0);
}
Reported by PMD.
Line: 64
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
private int size;
/** Constructs a new mutable {@code BooleanArrayList} with default capacity. */
BooleanArrayList() {
this(new boolean[DEFAULT_CAPACITY], 0);
}
Reported by PMD.
Line: 105
return false;
}
final boolean[] arr = other.array;
for (int i = 0; i < size; i++) {
if (array[i] != arr[i]) {
return false;
}
}
Reported by PMD.
Line: 148
if (!(element instanceof Boolean)) {
return -1;
}
boolean unboxedElement = (Boolean) element;
int numElems = size();
for (int i = 0; i < numElems; i++) {
if (array[i] == unboxedElement) {
return i;
}
Reported by PMD.
java/core/src/main/java/com/google/protobuf/TypeRegistry.java
6 issues
Line: 149
}
if (types.containsKey(message.getFullName())) {
logger.warning("Type " + message.getFullName() + " is added multiple times.");
return;
}
types.put(message.getFullName(), message);
}
Reported by PMD.
Line: 78
return find(getTypeName(typeUrl));
}
private final Map<String, Descriptor> types;
TypeRegistry(Map<String, Descriptor> types) {
this.types = types;
}
Reported by PMD.
Line: 86
private static String getTypeName(String typeUrl) throws InvalidProtocolBufferException {
String[] parts = typeUrl.split("/");
if (parts.length == 1) {
throw new InvalidProtocolBufferException("Invalid type url found: " + typeUrl);
}
return parts[parts.length - 1];
}
Reported by PMD.
Line: 126
public TypeRegistry build() {
TypeRegistry result = new TypeRegistry(types);
// Make sure the built {@link TypeRegistry} is immutable.
types = null;
return result;
}
private void addFile(FileDescriptor file) {
// Skip the file if it's already added.
Reported by PMD.
Line: 156
types.put(message.getFullName(), message);
}
private final Set<String> files = new HashSet<>();
private Map<String, Descriptor> types = new HashMap<>();
}
}
Reported by PMD.
Line: 157
}
private final Set<String> files = new HashSet<>();
private Map<String, Descriptor> types = new HashMap<>();
}
}
Reported by PMD.
src/google/protobuf/compiler/java/java_enum.cc
6 issues
Line: 100
Column: 21
CWE codes:
120
for (int i = 0; i < canonical_values_.size(); i++) {
std::map<std::string, std::string> vars;
vars["name"] = canonical_values_[i]->name();
vars["index"] = StrCat(canonical_values_[i]->index());
vars["number"] = StrCat(canonical_values_[i]->number());
WriteEnumValueDocComment(printer, canonical_values_[i]);
if (canonical_values_[i]->options().deprecated()) {
printer->Print("@java.lang.Deprecated\n");
}
Reported by FlawFinder.
Line: 101
Column: 22
CWE codes:
120
std::map<std::string, std::string> vars;
vars["name"] = canonical_values_[i]->name();
vars["index"] = StrCat(canonical_values_[i]->index());
vars["number"] = StrCat(canonical_values_[i]->number());
WriteEnumValueDocComment(printer, canonical_values_[i]);
if (canonical_values_[i]->options().deprecated()) {
printer->Print("@java.lang.Deprecated\n");
}
if (ordinal_is_index) {
Reported by FlawFinder.
Line: 143
Column: 22
CWE codes:
120
for (int i = 0; i < descriptor_->value_count(); i++) {
std::map<std::string, std::string> vars;
vars["name"] = descriptor_->value(i)->name();
vars["number"] = StrCat(descriptor_->value(i)->number());
vars["{"] = "";
vars["}"] = "";
vars["deprecation"] = descriptor_->value(i)->options().deprecated()
? "@java.lang.Deprecated "
: "";
Reported by FlawFinder.
Line: 206
Column: 20
CWE codes:
120
for (int i = 0; i < canonical_values_.size(); i++) {
printer->Print("case $number$: return $name$;\n", "name",
canonical_values_[i]->name(), "number",
StrCat(canonical_values_[i]->number()));
}
printer->Outdent();
printer->Outdent();
printer->Print(
Reported by FlawFinder.
Line: 276
Column: 20
CWE codes:
120
" return $file$.getDescriptor().getEnumTypes().get($index$);\n",
"file",
name_resolver_->GetClassName(descriptor_->file(), immutable_api_),
"index", StrCat(descriptor_->index()));
} else {
printer->Print(
" return $parent$.$descriptor$.getEnumTypes().get($index$);\n",
"parent",
name_resolver_->GetClassName(descriptor_->containing_type(),
Reported by FlawFinder.
Line: 289
Column: 20
CWE codes:
120
.no_standard_descriptor_accessor()
? "getDefaultInstance().getDescriptorForType()"
: "getDescriptor()",
"index", StrCat(descriptor_->index()));
}
printer->Print(
"}\n"
"\n"
Reported by FlawFinder.
java/core/src/main/java/com/google/protobuf/LongArrayList.java
6 issues
Line: 46
* @author dweis@google.com (Daniel Weis)
*/
final class LongArrayList extends AbstractProtobufList<Long>
implements LongList, RandomAccess, PrimitiveNonBoxingCollection {
private static final LongArrayList EMPTY_LIST = new LongArrayList(new long[0], 0);
static {
EMPTY_LIST.makeImmutable();
}
Reported by PMD.
Line: 58
}
/** The backing store for the list. */
private long[] array;
/**
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
Reported by PMD.
Line: 64
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
private int size;
/** Constructs a new mutable {@code LongArrayList} with default capacity. */
LongArrayList() {
this(new long[DEFAULT_CAPACITY], 0);
}
Reported by PMD.
Line: 64
* The size of the list distinct from the length of the array. That is, it is the number of
* elements set in the list.
*/
private int size;
/** Constructs a new mutable {@code LongArrayList} with default capacity. */
LongArrayList() {
this(new long[DEFAULT_CAPACITY], 0);
}
Reported by PMD.
Line: 104
return false;
}
final long[] arr = other.array;
for (int i = 0; i < size; i++) {
if (array[i] != arr[i]) {
return false;
}
}
Reported by PMD.
Line: 147
if (!(element instanceof Long)) {
return -1;
}
long unboxedElement = (Long) element;
int numElems = size();
for (int i = 0; i < numElems; i++) {
if (array[i] == unboxedElement) {
return i;
}
Reported by PMD.
ruby/src/main/java/com/google/protobuf/jruby/RubyOneofBuilderContext.java
6 issues
Line: 101
return context.nil;
}
private RubyMessageBuilderContext builder;
private int index;
}
Reported by PMD.
Line: 102
}
private RubyMessageBuilderContext builder;
private int index;
}
Reported by PMD.
Line: 38
import com.google.protobuf.DescriptorProtos.FieldDescriptorProto;
import org.jruby.Ruby;
import org.jruby.RubyClass;
import org.jruby.RubyHash;
import org.jruby.RubyModule;
import org.jruby.RubyNumeric;
import org.jruby.RubyObject;
import org.jruby.anno.JRubyClass;
import org.jruby.anno.JRubyMethod;
Reported by PMD.
Line: 92
* if present (as accepted by FieldDescriptor#submsg_name=).
*/
@JRubyMethod(required = 3, optional = 2)
public IRubyObject optional(ThreadContext context, IRubyObject[] args) {
FieldDescriptorProto.Builder fieldBuilder =
Utils.createFieldBuilder(context, "optional", args);
fieldBuilder.setOneofIndex(index);
builder.addFieldBuilder(fieldBuilder);
Reported by PMD.
Line: 52
public class RubyOneofBuilderContext extends RubyObject {
public static void createRubyOneofBuilderContext(Ruby runtime) {
RubyModule internal = runtime.getClassFromPath("Google::Protobuf::Internal");
RubyClass cRubyOneofBuidlerContext = internal.defineClassUnder("OneofBuilderContext", runtime.getObject(), new ObjectAllocator() {
@Override
public IRubyObject allocate(Ruby ruby, RubyClass rubyClass) {
return new RubyOneofBuilderContext(ruby, rubyClass);
}
});
Reported by PMD.
Line: 52
public class RubyOneofBuilderContext extends RubyObject {
public static void createRubyOneofBuilderContext(Ruby runtime) {
RubyModule internal = runtime.getClassFromPath("Google::Protobuf::Internal");
RubyClass cRubyOneofBuidlerContext = internal.defineClassUnder("OneofBuilderContext", runtime.getObject(), new ObjectAllocator() {
@Override
public IRubyObject allocate(Ruby ruby, RubyClass rubyClass) {
return new RubyOneofBuilderContext(ruby, rubyClass);
}
});
Reported by PMD.
ruby/src/main/java/com/google/protobuf/jruby/RubyOneofDescriptor.java
6 issues
Line: 76
protected void setDescriptor(ThreadContext context, OneofDescriptor descriptor, Map<FieldDescriptor, RubyFieldDescriptor> fieldCache) {
this.descriptor = descriptor;
this.name = context.runtime.newString(descriptor.getName());
for (FieldDescriptor fd : descriptor.getFields()) {
fields.add(fieldCache.get(fd));
}
}
Reported by PMD.
Line: 83
}
}
private IRubyObject name;
private List<RubyFieldDescriptor> fields;
private OneofDescriptor descriptor;
}
Reported by PMD.
Line: 84
}
private IRubyObject name;
private List<RubyFieldDescriptor> fields;
private OneofDescriptor descriptor;
}
Reported by PMD.
Line: 84
}
private IRubyObject name;
private List<RubyFieldDescriptor> fields;
private OneofDescriptor descriptor;
}
Reported by PMD.
Line: 26
public static void createRubyOneofDescriptor(Ruby runtime) {
RubyModule protobuf = runtime.getClassFromPath("Google::Protobuf");
RubyClass cRubyOneofDescriptor = protobuf.defineClassUnder("OneofDescriptor", runtime.getObject(), new ObjectAllocator() {
@Override
public IRubyObject allocate(Ruby ruby, RubyClass rubyClass) {
return new RubyOneofDescriptor(ruby, rubyClass);
}
});
Reported by PMD.
Line: 26
public static void createRubyOneofDescriptor(Ruby runtime) {
RubyModule protobuf = runtime.getClassFromPath("Google::Protobuf");
RubyClass cRubyOneofDescriptor = protobuf.defineClassUnder("OneofDescriptor", runtime.getObject(), new ObjectAllocator() {
@Override
public IRubyObject allocate(Ruby ruby, RubyClass rubyClass) {
return new RubyOneofDescriptor(ruby, rubyClass);
}
});
Reported by PMD.