diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 2798bf166c8..7c6f5c2e9ed 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -426,7 +426,8 @@ fedora install: - installed-database.sql - upgraded-database.sql -cppcheck: +cppcheck: + allow_failure: true stage: sast needs: [] variables: @@ -434,33 +435,57 @@ cppcheck: GIT_SUBMODULE_STRATEGY: normal script: - yum install -y cppcheck diffutils - # --template: use a single-line template + # --template: output format # --force: check large directories without warning # -i: ignore this directory when scanning + # -I: include path, reduces false positives + # related to inability to resolve symbols # -j: run multiple cppcheck threads # Use newline to escape colon in yaml - > - cppcheck --template="{file}:{line}: {severity}: {message}" --force + cppcheck --template="{file}:{line}\n{code}\n{severity}: {message}" --force --check-level=exhaustive client dbug extra include libmariadb libmysqld libservices mysql-test mysys mysys_ssl pcre plugin strings tests unittest vio wsrep-lib sql sql-common storage -istorage/mroonga -istorage/tokudb -istorage/spider -istorage/rocksdb -iextra/ -ilibmariadb/ -istorage/columnstore - --output-file=cppcheck.txt -j $(nproc) - # Parallel jobs may output findings in an nondeterministic order. Sort to match ignorelist. - - cat cppcheck.txt | sort > cppcheck_sorted.txt - # Remove line numbers for diff - - sed 's/:[^:]*:/:/' cppcheck_sorted.txt > cppcheck_sorted_no_line_numbers.txt + -Iinclude -Istorage/innobase/include + --output-file=initial-cppcheck_output.txt -j $(nproc) + # when including {code} in the cppcheck template, some more pre-processing needs to be done + # + # sample cppcheck finding: : + # foo.bar() + # ^ + # : + # + # 1. remove all lines with "^" + # 2. merge every 3 lines into 1 so it can be sorted (example: foo.bar() : ) + # 3. sort to match ignorelist since parallel jobs may output findings in an nondeterministic order + # 4. remove findings likely to be false positives (i.e, "unknown macros") + # 5. remove line numbers for diffing against ignorelist + - | + cat initial-cppcheck_output.txt | grep -v '\^$' > preprocessed-cppcheck_circumflex_removed.txt + cat preprocessed-cppcheck_circumflex_removed.txt | awk 'NR%3==1 {printf "%s", (NR==1) ? "" : "\n"; printf "%s", $0} NR%3!=1 {printf " %s", $0}' > preprocessed-cppcheck_oneline.txt + cat preprocessed-cppcheck_oneline.txt | sort > preprocessed-cppcheck_sorted.txt + cat preprocessed-cppcheck_sorted.txt | grep -v "There is an unknown macro here somewhere" > results-cppcheck_all_findings.txt + sed 's/:[0-9]\+//' results-cppcheck_all_findings.txt > preprocessed_final-cppcheck_no_line_nums.txt # Only print new issues not found in ignore list - echo "Problems found in ignore list that were not discovered by cppcheck (may have been fixed)." - - diff --changed-group-format='%>' --unchanged-group-format='' cppcheck_sorted_no_line_numbers.txt tests/code_quality/cppcheck_ignorelist.txt || true + - diff --changed-group-format='%>' --unchanged-group-format='' preprocessed_final-cppcheck_no_line_nums.txt tests/code_quality/cppcheck_ignorelist.txt || true - echo "Problems found by cppcheck that were not in ignore list." - - diff --changed-group-format='%<' --unchanged-group-format='' cppcheck_sorted_no_line_numbers.txt tests/code_quality/cppcheck_ignorelist.txt > lines_not_ignored.txt || true - - cat lines_not_ignored.txt && test ! -s lines_not_ignored.txt + - diff --changed-group-format='%<' --unchanged-group-format='' preprocessed_final-cppcheck_no_line_nums.txt tests/code_quality/cppcheck_ignorelist.txt > results-cppcheck_new_findings.txt || true + - cat results-cppcheck_new_findings.txt && test ! -s results-cppcheck_new_findings.txt artifacts: when: always paths: - - cppcheck_sorted.txt + # save all steps of pre-processing in-case it ever breaks + - initial-cppcheck_output.txt + - preprocessed-cppcheck_circumflex_removed.txt + - preprocessed-cppcheck_sorted.txt + - preprocessed_final-cppcheck_no_line_nums.txt + - results-cppcheck_all_findings.txt + - results-cppcheck_new_findings.txt flawfinder: + allow_failure: true stage: sast needs: [] variables: @@ -482,11 +507,12 @@ flawfinder: - echo "Problems found in ignore list that were not discovered by flawfinder (may have been fixed)." - diff --changed-group-format='%>' --unchanged-group-format='' flawfinder-min-level5.json tests/code_quality/flawfinder_ignorelist.json || true - echo "Problems found by flawfinder that were not in ignore list." - - diff --changed-group-format='%<' --unchanged-group-format='' flawfinder-min-level5.json tests/code_quality/flawfinder_ignorelist.json > lines_not_ignored.txt || true - - cat lines_not_ignored.txt && test ! -s lines_not_ignored.txt + - diff --changed-group-format='%<' --unchanged-group-format='' flawfinder-min-level5.json tests/code_quality/flawfinder_ignorelist.json > flawfinder_new_findings.txt || true + - cat flawfinder_new_findings.txt && test ! -s flawfinder_new_findings.txt artifacts: when: always paths: + - flawfinder_new_findings.txt - flawfinder-all-vulnerabilities.html - flawfinder-min-level5.json diff --git a/mysys/my_rdtsc.c b/mysys/my_rdtsc.c index 39ec599cf91..bbb53c8ed37 100644 --- a/mysys/my_rdtsc.c +++ b/mysys/my_rdtsc.c @@ -338,7 +338,7 @@ static ulonglong my_timer_init_resolution(ulonglong (*this_timer)(void), static ulonglong my_timer_init_frequency(MY_TIMER_INFO *mti) { int i; - ulonglong time1, time2, time3, time4; + ulonglong time1, time2, time3, time4, denominator; time1= my_timer_cycles(); time2= my_timer_microseconds(); time3= time2; /* Avoids a Microsoft/IBM compiler warning */ @@ -349,8 +349,7 @@ static ulonglong my_timer_init_frequency(MY_TIMER_INFO *mti) } time4= my_timer_cycles() - mti->cycles.overhead; time4-= mti->microseconds.overhead; - ulonglong denominator = time3 - time2; - if (denominator == 0) denominator = 1; + denominator = ((time3 - time2) == 0) ? 1 : time3 - time2; return (mti->microseconds.frequency * (time4 - time1)) / denominator; } @@ -604,7 +603,7 @@ void my_timer_init(MY_TIMER_INFO *mti) && mti->microseconds.routine && mti->cycles.routine) { - ulonglong time3, time4; + ulonglong time3, time4, denominator; time1= my_timer_cycles(); time2= my_timer_milliseconds(); time3= time2; /* Avoids a Microsoft/IBM compiler warning */ @@ -614,8 +613,7 @@ void my_timer_init(MY_TIMER_INFO *mti) if (time3 - time2 > 10) break; } time4= my_timer_cycles(); - ulonglong denominator = time4 - time1; - if (denominator == 0) denominator = 1; + denominator = ((time4 - time1) == 0) ? 1 : time4 - time1; mti->milliseconds.frequency= (mti->cycles.frequency * (time3 - time2)) / denominator; } @@ -631,7 +629,7 @@ void my_timer_init(MY_TIMER_INFO *mti) && mti->microseconds.routine && mti->cycles.routine) { - ulonglong time3, time4; + ulonglong time3, time4, denominator; time1= my_timer_cycles(); time2= my_timer_ticks(); time3= time2; /* Avoids a Microsoft/IBM compiler warning */ @@ -645,10 +643,7 @@ void my_timer_init(MY_TIMER_INFO *mti) if (time3 - time2 > 10) break; } time4= my_timer_cycles(); - ulonglong denominator = time4 - time1; - if (denominator == 0) { - denominator = 1; - } + denominator = ((time4 - time1) == 0) ? 1 : time4 - time1; mti->ticks.frequency= (mti->cycles.frequency * (time3 - time2)) / denominator; } diff --git a/tests/code_quality/cppcheck_ignorelist.txt b/tests/code_quality/cppcheck_ignorelist.txt index 268bf8108d4..79ee4af563a 100644 --- a/tests/code_quality/cppcheck_ignorelist.txt +++ b/tests/code_quality/cppcheck_ignorelist.txt @@ -1,251 +1,85 @@ -client/mysql.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -client/mysql_upgrade.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -client/mysqladmin.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -client/mysqlbinlog.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -client/mysqlcheck.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -client/mysqlimport.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -client/mysqlshow.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -client/mysqltest.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -dbug/tests.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -lexyy.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -mysql-test/lib/My/SafeProcess/safe_process_win.cc: error: Uninitialized variable: message_text -mysys/mf_keycache.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -mysys/my_delete.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -mysys/my_fopen.c: error: Return value of allocation function 'freopen' is not stored. -mysys/my_getsystime.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -mysys/my_pread.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -mysys/my_rename.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -mysys/my_winfile.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -mysys/my_write.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -mysys/thr_lock.c: error: There is an unknown macro here somewhere. Configuration is required. If MYSQL_TABLE_WAIT_VARIABLES is a macro then please configure it. -mysys/tree.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -pcre/pcrecpp.cc: warning: Uninitialized variable: kmat -pcre/pcrecpp.h: error: syntax error -pcre/pcregrep.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/audit_null/audit_null.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_ed25519/server_ed25519.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_examples/auth_0x0100.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_examples/dialog_examples.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_examples/qa_auth_interface.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_examples/qa_auth_server.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_examples/test_plugin.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_gssapi/server_plugin.cc: error: syntax error -plugin/auth_gssapi/sspi.h: error: #include nested too deeply -plugin/auth_pam/auth_pam.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_pam/auth_pam_v1.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_pipe/auth_pipe.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/auth_socket/auth_socket.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/aws_key_management/aws_key_management_plugin.cc: error: syntax error -plugin/cracklib_password_check/cracklib_password_check.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/daemon_example/daemon_example.cc: error: syntax error -plugin/debug_key_management/debug_key_management_plugin.cc: error: syntax error -plugin/disks/information_schema_disks.cc: error: syntax error -plugin/example_key_management/example_key_management_plugin.cc: error: syntax error -plugin/feedback/feedback.cc: error: syntax error -plugin/file_key_management/file_key_management_plugin.cc: error: syntax error -plugin/fulltext/plugin_example.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/handler_socket/handlersocket/handlersocket.cpp: error: syntax error -plugin/locale_info/locale_info.cc: error: syntax error -plugin/metadata_lock_info/metadata_lock_info.cc: error: syntax error -plugin/metadata_lock_info/metadata_lock_info.cc: error: syntax error -plugin/qc_info/qc_info.cc: error: syntax error -plugin/query_response_time/plugin.cc: error: syntax error -plugin/query_response_time/query_response_time.cc: error: Array 'm_count[41]' accessed at index 43, which is out of bounds. -plugin/query_response_time/query_response_time.cc: error: Array 'm_total[41]' accessed at index 43, which is out of bounds. -plugin/server_audit/server_audit.c: error: Uninitialized variable: &tm_time -plugin/server_audit/server_audit.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/server_audit/server_audit.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/server_audit/server_audit.c: error: Uninitialized variable: &tm_time -plugin/simple_password_check/simple_password_check.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/sql_errlog/sql_errlog.c: error: Found a exit path from function with non-void return type that has missing return statement -plugin/sql_errlog/sql_errlog.c: error: Uninitialized variable: &t -plugin/user_variables/user_variables.cc: error: syntax error -plugin/userstat/userstat.cc: error: syntax error -plugin/versioning/versioning.cc: error: syntax error -plugin/wsrep_info/plugin.cc: error: syntax error -sql-common/client.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -sql-common/client_plugin.c: error: va_list 'unused' used before va_start() was called. -sql-common/client_plugin.c: error: va_list 'unused' used before va_start() was called. -sql-common/client_plugin.c: error: va_list 'unused' used before va_start() was called. -sql-common/client_plugin.c: error: va_list 'unused' used before va_start() was called. -sql/debug_sync.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE is a macro then please configure it. -sql/gcalc_slicescan.cc: warning: Possible null pointer dereference: first_bottom_point -sql/gen_lex_hash.cc: error: Common realloc mistake: 'hash_map' nulled but not freed upon failure -sql/handler.h: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -sql/log.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -sql/log_event.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -sql/log_event_old.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -sql/net_serv.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -sql/protocol.h: error: syntax error -sql/rpl_utility.h: error: There is an unknown macro here somewhere. Configuration is required. If CPP_UNNAMED_NS_START is a macro then please configure it. -sql/semisync_slave.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -sql/sql_select.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -sql/sql_string.cc: warning: Iterators to containers from different expressions 'to' and 'from' are used together. -sql/table.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -sql/winservice.c: error: Resource leak: mysql_upgrade_info -sql/wsrep_thd.h: error: failed to expand 'wsrep_create_appliers', Wrong number of parameters for macro 'wsrep_create_appliers'. -storage/archive/azio.c: error: Syntax Error: AST broken, 'if' doesn't have two operands. -storage/archive/ha_archive.cc: error: syntax error -storage/blackhole/ha_blackhole.cc: error: syntax error -storage/cassandra/gen-cpp/Cassandra_server.skeleton.cpp: error: Found a exit path from function with non-void return type that has missing return statement -storage/cassandra/ha_cassandra.cc: error: syntax error -storage/connect/connect.cc: error: Uninitialized variable: lg -storage/connect/domdoc.cpp: error: syntax error -storage/connect/ha_connect.cc: error: syntax error -storage/connect/myconn.cpp: error: Unmatched '{'. Configuration: 'ALPHA;MYSQL_PREPARED_STATEMENTS'. -storage/connect/myconn.cpp: error: Unmatched '{'. Configuration: 'MYSQL_PREPARED_STATEMENTS'. -storage/connect/odbconn.cpp: warning: Uninitialized variable: b -storage/connect/odbconn.cpp: warning: Uninitialized variable: b -storage/connect/odbconn.cpp: warning: Uninitialized variable: b -storage/connect/plugutil.cpp: error: Width 255 given in format string (no. 2) is larger than destination buffer 'stmsg[200]', use %199[^\"] to prevent overflowing it. -storage/connect/plugutil.cpp: error: Width 255 given in format string (no. 1) is larger than destination buffer 'stmsg[200]', use %199[^\"] to prevent overflowing it. -storage/connect/tabjson.cpp: warning: Possible null pointer dereference: Val -storage/connect/tabmul.cpp: error: Uninitialized variable: buf -storage/connect/tabmul.cpp: error: Uninitialized variable: buf -storage/connect/tabmul.cpp: error: Uninitialized variable: buf -storage/connect/taboccur.cpp: warning: Uninitialized variable: *pcrp -storage/connect/unzip.c: warning: Uninitialized variable: *pzlib_filefunc64_32_def.zopen32_file -storage/connect/value.cpp: error: Signed integer overflow for expression 'n*126230400'. -storage/connect/zip.c: warning: Uninitialized variable: *pzlib_filefunc64_32_def.zopen32_file -storage/csv/ha_tina.cc: error: syntax error -storage/example/ha_example.cc: error: syntax error -storage/federated/ha_federated.cc: error: syntax error -storage/heap/ha_heap.cc: error: syntax error -storage/innobase/btr/btr0btr.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/btr/btr0cur.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/btr/btr0defragment.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it. -storage/innobase/btr/btr0sea.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/buf/buf0buf.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/buf/buf0dump.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it. -storage/innobase/buf/buf0flu.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it. -storage/innobase/buf/buf0lru.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/dict/dict0crea.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/dict/dict0dict.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/dict/dict0load.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/dict/dict0stats.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/dict/dict0stats_bg.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it. -storage/innobase/fil/fil0crypt.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/fil/fil0fil.cc: error: syntax error -storage/innobase/fsp/fsp0file.cc: error: Resource leak: file -storage/innobase/fsp/fsp0fsp.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/fts/fts0fts.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/fts/fts0opt.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/fts/fts0que.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/gis/gis0rtree.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/gis/gis0sea.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/handler/ha_innodb.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/handler/handler0alter.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/handler/i_s.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/ibuf/ibuf0ibuf.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/ibuf/ibuf0ibuf.cc: error: failed to expand 'ibuf_bitmap_page_get_bits', Wrong number of parameters for macro 'ibuf_bitmap_page_get_bits'. -storage/innobase/lock/lock0lock.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/lock/lock0wait.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/lock/lock0wait.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/log/log0log.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/log/log0recv.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/os/os0file.cc: error: syntax error -storage/innobase/page/page0page.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/page/page0zip.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/pars/pars0pars.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/row/row0ftsort.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/row/row0import.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/row/row0ins.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/row/row0log.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/row/row0merge.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/innobase/row/row0mysql.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/row/row0quiesce.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/row/row0sel.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/row/row0umod.cc: error: There is an unknown macro here somewhere. Configuration is required. If ut_d is a macro then please configure it. -storage/innobase/row/row0upd.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/row/row0vers.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/srv/srv0conc.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ALIGNED is a macro then please configure it. -storage/innobase/srv/srv0srv.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/srv/srv0start.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it. -storage/innobase/trx/trx0i_s.cc: error: Array 'table_cache->chunks[39]' accessed at index 39, which is out of bounds. -storage/innobase/trx/trx0i_s.cc: error: Array 'table_cache->chunks[39]' accessed at index 39, which is out of bounds. -storage/innobase/trx/trx0purge.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/trx/trx0rec.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/trx/trx0roll.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it. -storage/innobase/trx/trx0trx.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/innobase/trx/trx0undo.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ha_maria.cc: error: syntax error -storage/maria/ma_bitmap.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_blockrec.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_check.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_checkpoint.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_delete.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/maria/ma_delete.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_ft_parser.c: error: Address of local auto-variable assigned to a function parameter. -storage/maria/ma_key.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_loghandler.c: warning: Uninitialized variable: data->current_offset -storage/maria/ma_open.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/maria/ma_pagecache.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_pagecache.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_range.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_recovery_util.c: error: va_start() or va_copy() called subsequently on 'args' without va_end() in between. -storage/maria/ma_rkey.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_rt_index.c: error: failed to expand 'rt_PAGE_END', Wrong number of parameters for macro 'rt_PAGE_END'. -storage/maria/ma_search.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_sp_key.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_update.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/maria/ma_update.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/ma_write.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/maria/ma_write.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/maria/maria_pack.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/ft_parser.c: error: Address of local auto-variable assigned to a function parameter. -storage/myisam/ha_myisam.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_check.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_close.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/myisam/mi_delete.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_key.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_locking.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_open.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it. -storage/myisam/mi_range.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_rkey.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_search.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_update.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/mi_write.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisam/myisampack.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -storage/myisammrg/ha_myisammrg.cc: error: syntax error -storage/oqgraph/ha_oqgraph.cc: error: syntax error -storage/perfschema/ha_perfschema.cc: error: syntax error -storage/perfschema/pfs_instr.h: error: Uninitialized variable: m_has_io_stats -storage/perfschema/pfs_instr.h: error: Uninitialized variable: m_has_lock_stats -storage/perfschema/pfs_instr_class.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ALIGNED is a macro then please configure it. -storage/perfschema/table_accounts.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_esgs_by_account_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_esgs_by_host_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_esgs_by_user_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_esms_by_account_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_esms_by_host_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_esms_by_user_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_events_waits.cc: error: Uninitialized struct member: wait.m_wait_class -storage/perfschema/table_events_waits.cc: error: Uninitialized variable: wait -storage/perfschema/table_events_waits.cc: error: Uninitialized struct member: wait.m_wait_class -storage/perfschema/table_ews_by_account_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_ews_by_host_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_ews_by_user_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_hosts.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_setup_actors.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_threads.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/perfschema/table_users.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -storage/sequence/sequence.cc: error: syntax error -storage/test_sql_discovery/test_sql_discovery.cc: error: syntax error -strings/decimal.c: warning: Possible null pointer dereference: to -strings/dump_map.c: error: Array 'fromstat[256]' accessed at index 256, which is out of bounds. -tests/mysql_client_fw.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -tests/thread_test.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it. -unittest/mysys/dynstring-t.c: error: syntax error -unittest/mysys/queues-t.c: error: Uninitialized variable: i -unittest/mysys/waiting_threads-t.c: error: Uninitialized variable: m -unittest/mytap/tap.c: error: va_list 'ap' used before va_start() was called. -unittest/mytap/tap.c: error: va_list 'ap' used before va_start() was called. -unittest/mytap/tap.c: error: va_list 'ap' used before va_start() was called. -unittest/mytap/tap.c: error: va_list 'ap' used before va_start() was called. -vio/viosocket.c: error: There is an unknown macro here somewhere. Configuration is required. If MYSQL_SOCKET_WAIT_VARIABLES is a macro then please configure it. -vio/viosocket.c: error: There is an unknown macro here somewhere. Configuration is required. If MYSQL_SOCKET_WAIT_VARIABLES is a macro then please configure it. -vio/viosslfactories.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it. -vio/viotest-sslconnect.cc: error: Memory pointed to by 'vio' is freed twice. -vio/viotest-sslconnect.cc: error: Memory pointed to by 'ssl_connector' is freed twice. -wsrep-lib/src/server_state.cpp: error: syntax error: keyword 'try' is not allowed in global scope -wsrep-lib/src/thread_service_v1.cpp: error: Rethrowing current exception with 'throw;', it seems there is no current exception to rethrow. If there is no current exception this calls std::terminate(). More: https://isocpp.org/wiki/faq/exceptions#throw-without-an-object +client/mysqlbinlog.cc ev->output_buf.copy(e->output_buf); warning: Possible null pointer dereference: e +client/mysqldump.c return buff; warning: Uninitialized variable: buff +client/mysqldump.c return buff; warning: Uninitialized variable: buff +include/my_global.h #error "please add -DSTACK_DIRECTION=1 or -1 to your CPPFLAGS" error: #error "please add -DSTACK_DIRECTION=1 or -1 to your CPPFLAGS" +include/my_global.h #error WHAT? sizeof(long long) < 8 ??? error: #error WHAT? sizeof(long long) < 8 ??? +include/mysql/psi/mysql_socket.h result= send(mysql_socket.fd, buf, IF_WIN((int),) n, flags); error: syntax error +include/mysql/psi/mysql_socket.h result= send(mysql_socket.fd, buf, IF_WIN((int),) n, flags); error: syntax error +include/mysql/psi/psi.h #error "You must include my_global.h in the code for the build to be correct." error: #error "You must include my_global.h in the code for the build to be correct." +mysql-test/lib/My/SafeProcess/safe_process_win.cc |FORMAT_MESSAGE_IGNORE_INSERTS, NULL, last_err , 0, (LPSTR)&message_text, error: Uninitialized variable: message_text +mysys/file_logger.c *l_perm= new_log; error: Uninitialized struct member: new_log.lock +mysys/ma_dyncol.c float8get(store_it_here->x.double_value, data); error: Uninitialized variable: def_temp +mysys/mf_loadpath.c strmake(to, from, FN_REFLEN-1); warning: Uninitialized variable: from +mysys/my_compare.c mi_float4get(f_1,a); error: Uninitialized variable: def_temp +mysys/my_compare.c mi_float4get(f_2,b); error: Uninitialized variable: def_temp +mysys/my_compare.c mi_float8get(d_1,a); error: Uninitialized variable: def_temp +mysys/my_compare.c mi_float8get(d_2,b); error: Uninitialized variable: def_temp +mysys/my_symlink2.c create_link= (linkname && strcmp(abs_linkname,filename)); error: Uninitialized variable: abs_linkname +plugin/sql_errlog/sql_errlog.c (void) localtime_r(&event_time, &t); error: Uninitialized variable: &t +sql-common/client_plugin.c bzero(&unused, sizeof unused); error: va_list 'unused' used before va_start() was called. +sql-common/client_plugin.c plugin= add_plugin(mysql, plugin, 0, 0, unused); error: va_list 'unused' used before va_start() was called. +sql/gen_lex_hash.cc hash_map= (char*)realloc((char*)hash_map,size_hash_map); error: Common realloc mistake: 'hash_map' nulled but not freed upon failure +sql/my_apc.cc apc_calls->prev= qe; error: Non-local variable 'apc_calls->prev' will use pointer to local variable 'apc_request'. +sql/my_apc.cc apc_calls= qe; error: Non-local variable 'apc_calls' will use pointer to local variable 'apc_request'. +sql/sql_string.cc memcpy(dots, STRING_WITH_LEN("...\0")); error: failed to expand 'memcpy', Wrong number of parameters for macro 'memcpy'. +storage/cassandra/gen-cpp/Cassandra_server.skeleton.cpp printf("get_count\n"); error: Found an exit path from function with non-void return type that has missing return statement +storage/connect/connect.cc rcb= valp->SetValue_char(kp, (int)lg); error: Uninitialized variable: lg +storage/connect/connect.cc rcb= valp->SetValue_char((char*)p, (int)lg); error: Uninitialized variable: lg +storage/connect/macutil.cpp #error This is WINDOWS only DLL error: #error This is WINDOWS only DLL +storage/connect/tabjson.cpp Val->SetValue(jsp); warning: Possible null pointer dereference: Val +storage/connect/tabmac.cpp #error This is a WINDOWS only table type error: #error This is a WINDOWS only table type +storage/connect/taboccur.cpp for (i = 0, pcrp = &qrp->Colresp; (crp = *pcrp); ) { warning: Uninitialized variable: *pcrp +storage/connect/tabwmi.cpp #error This is a WINDOWS only table type error: #error This is a WINDOWS only table type +storage/connect/unzip.c us.z_filefunc = *pzlib_filefunc64_32_def; warning: Uninitialized variable: *pzlib_filefunc64_32_def.zopen32_file +storage/connect/value.cpp if ((t -= (n * FOURYEARS)) > 2000000000) error: Signed integer overflow for expression 'n*126230400'. +storage/connect/zip.c ziinit.z_filefunc = *pzlib_filefunc64_32_def; warning: Uninitialized variable: *pzlib_filefunc64_32_def.zopen32_file +storage/federated/ha_federated.cc DBUG_RETURN(retval); error: Uninitialized variable: retval +storage/federatedx/federatedx_pushdown.cc ha_federatedx *h= (ha_federatedx *) table->file; warning: Possible null pointer dereference: table +storage/federatedx/federatedx_pushdown.cc share= get_share(table->s->table_name.str, table); warning: Possible null pointer dereference: table +storage/heap/hp_hash.c float4get(nr, pos); error: Uninitialized variable: def_temp +storage/heap/hp_hash.c float8get(nr, pos); error: Uninitialized variable: def_temp +storage/heap/hp_hash.c float4get(f_1,key); error: Uninitialized variable: def_temp +storage/heap/hp_hash.c float8get(f_1,key); error: Uninitialized variable: def_temp +storage/maria/ma_create.c DBUG_RETURN(my_pwrite(file, buf, sizeof(buf), error: Uninitialized variable: trid_buff +storage/maria/ma_dbug.c mi_float4get(f_1,key); error: Uninitialized variable: def_temp +storage/maria/ma_dbug.c mi_float8get(d_1,key); error: Uninitialized variable: def_temp +storage/maria/ma_ft_parser.c param->mysql_ftparam= &my_param; error: Address of local auto-variable assigned to a function parameter. +storage/maria/ma_key.c float4get(nr,pos); error: Uninitialized variable: def_temp +storage/maria/ma_key.c float8get(nr,pos); error: Uninitialized variable: def_temp +storage/maria/ma_key.c float4get(f_1,key); error: Uninitialized variable: def_temp +storage/maria/ma_key.c float8get(f_1,key); error: Uninitialized variable: def_temp +storage/maria/ma_locking.c write_error= (int) my_pwrite(share->kfile.file, buff, sizeof(buff), error: Uninitialized variable: buff +storage/maria/ma_locking.c (void) my_pwrite(share->kfile.file, buff, sizeof(buff), error: Uninitialized variable: buff +storage/maria/ma_loghandler.c if (! --fc_ptr->counter) warning: Uninitialized variable: fc_ptr +storage/maria/ma_loghandler.c (offset < data->current_offset && warning: Uninitialized variable: data->current_offset +storage/maria/ma_open.c float8get(state->rec_per_key_part[i], ptr); ptr+= 8; error: Uninitialized variable: def_temp +storage/maria/ma_open.c return mysql_file_write(file, buff, (size_t) (ptr-buff), MYF(MY_NABP)) != 0; error: Uninitialized variable: buff +storage/maria/ma_open.c return mysql_file_write(file, buff, (size_t) (ptr-buff), MYF(MY_NABP)) != 0; error: Uninitialized variable: buff +storage/maria/ma_recovery_util.c va_start(args, format); error: va_start() or va_copy() called subsequently on 'args' without va_end() in between. +storage/maria/ma_search.c if (flag == 0) warning: Uninitialized variable: flag +storage/maria/ma_write.c key->data= key_buff; error: Address of local auto-variable assigned to a function parameter. +storage/maria/tablockman.c mysql_mutex_init(& lm->pool_mutex, MY_MUTEX_INIT_FAST); error: failed to expand 'mysql_mutex_init', Wrong number of parameters for macro 'mysql_mutex_init'. +storage/myisam/ft_parser.c param->mysql_ftparam= &my_param; error: Address of local auto-variable assigned to a function parameter. +storage/myisam/mi_dbug.c mi_float4get(f_1,key); error: Uninitialized variable: def_temp +storage/myisam/mi_dbug.c mi_float8get(d_1,key); error: Uninitialized variable: def_temp +storage/myisam/mi_key.c float4get(nr,pos); error: Uninitialized variable: def_temp +storage/myisam/mi_key.c float8get(nr,pos); error: Uninitialized variable: def_temp +storage/myisam/mi_key.c float4get(f_1,key); error: Uninitialized variable: def_temp +storage/myisam/mi_key.c float8get(f_1,key); error: Uninitialized variable: def_temp +storage/myisam/mi_locking.c write_error= (mysql_file_pwrite(share->kfile, buff, sizeof(buff), error: Uninitialized variable: buff +storage/myisam/mi_open.c return mysql_file_write(file, buff, (size_t) (ptr-buff), MYF(MY_NABP)) != 0; error: Uninitialized variable: buff +storage/myisam/mi_open.c return mysql_file_write(file, buff, (size_t) (ptr-buff), MYF(MY_NABP)) != 0; error: Uninitialized variable: buff +storage/myisam/mi_open.c return mysql_file_write(file, buff, (size_t) (ptr-buff), MYF(MY_NABP)) != 0; error: Uninitialized variable: buff +storage/myisam/mi_search.c if (flag == 0) warning: Uninitialized variable: flag +storage/perfschema/pfs_global.cc return NULL; error: Memory leak: ptr +storage/sequence/sequence.cc maria_declare_plugin(sequence) error: syntax error +strings/decimal.c sanity(to); warning: Possible null pointer dereference: to +strings/dump_map.c if (fromstat[i]) error: Array 'fromstat[256]' accessed at index 256, which is out of bounds. +unittest/mytap/tap.c memset(&ap, 0, sizeof(ap)); error: va_list 'ap' used before va_start() was called. +unittest/mytap/tap.c vemit_tap(pass, NULL, ap); error: va_list 'ap' used before va_start() was called. +unittest/mytap/tap.c memset((char*) &ap, 0, sizeof(ap)); /* Keep compiler happy */ error: va_list 'ap' used before va_start() was called. +unittest/mytap/tap.c vemit_tap(1, NULL, ap); error: va_list 'ap' used before va_start() was called. +vio/viotest-sslconnect.cc delete vio; error: Memory pointed to by 'vio' is freed twice. +vio/viotest-sslconnect.cc delete ssl_connector; error: Memory pointed to by 'ssl_connector' is freed twice. +wsrep-lib/src/server_state.cpp try error: syntax error: keyword 'try' is not allowed in global scope +wsrep-lib/src/thread_service_v1.cpp throw; // Implementation broke the contract and returned. error: Rethrowing current exception with 'throw;', it seems there is no current exception to rethrow. If there is no current exception this calls std::terminate(). More: https://isocpp.org/wiki/faq/exceptions#throw-without-an-object diff --git a/tests/code_quality/flawfinder_ignorelist.json b/tests/code_quality/flawfinder_ignorelist.json index 7b598689693..8c5646153f2 100644 --- a/tests/code_quality/flawfinder_ignorelist.json +++ b/tests/code_quality/flawfinder_ignorelist.json @@ -158,6 +158,62 @@ }, "rank": 1.0 }, + { + "ruleId": "FF1031", + "level": "error", + "message": { + "text": "race/chown:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)." + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "./storage/columnstore/columnstore/writeengine/shared/we_typeext.h", + "uriBaseId": "SRCROOT" + }, + "region": { + "startColumn": 16, + "endColumn": 67, + "snippet": { + "text": " if (fs.chown(fileName.c_str(), uid, gid, funcErrno) == -1)" + } + } + } + } + ], + "fingerprints": { + "contextHash/v1": "16bbd2ed7b8f86182e8f66980ee23b9e0dfe63a9330b7c16a2c2b81a3e8a9377" + }, + "rank": 1.0 + }, + { + "ruleId": "FF1031", + "level": "error", + "message": { + "text": "race/chown:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)." + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "./storage/columnstore/columnstore/utils/idbdatafile/PosixFileSystem.cpp", + "uriBaseId": "SRCROOT" + }, + "region": { + "startColumn": 18, + "endColumn": 51, + "snippet": { + "text": " if ((ret = ::chown(objectName, p_uid, p_gid)))" + } + } + } + } + ], + "fingerprints": { + "contextHash/v1": "1882617c363794bedb3e70a4a3be704a3ee928778709b75f971e91ffc7a224b6" + }, + "rank": 1.0 + }, { "ruleId": "FF1033", "level": "error", @@ -214,6 +270,34 @@ }, "rank": 1.0 }, + { + "ruleId": "FF1031", + "level": "error", + "message": { + "text": "race/chown:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)." + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "./storage/columnstore/columnstore/utils/idbdatafile/PosixFileSystem.cpp", + "uriBaseId": "SRCROOT" + }, + "region": { + "startColumn": 22, + "endColumn": 51, + "snippet": { + "text": "int PosixFileSystem::chown(const char* objectName," + } + } + } + } + ], + "fingerprints": { + "contextHash/v1": "357c9645f4ff806e824ffc5714887bbfaafe92c4387521d0dec855875c0c21e5" + }, + "rank": 1.0 + }, { "ruleId": "FF1033", "level": "error", @@ -270,6 +354,34 @@ }, "rank": 1.0 }, + { + "ruleId": "FF1035", + "level": "error", + "message": { + "text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)." + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "./sql/signal_handler.cc", + "uriBaseId": "SRCROOT" + }, + "region": { + "startColumn": 13, + "endColumn": 68, + "snippet": { + "text": " if ((len= readlink(\"/proc/self/cwd\", buff, sizeof(buff)-1)) >= 0)" + } + } + } + } + ], + "fingerprints": { + "contextHash/v1": "4c4d621e451a67f86c3e999e9dd3ceb2639bf4f63b0a946b7836b01d752ca557" + }, + "rank": 1.0 + }, { "ruleId": "FF1010", "level": "error", @@ -298,6 +410,34 @@ }, "rank": 1.0 }, + { + "ruleId": "FF1035", + "level": "error", + "message": { + "text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)." + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "./storage/columnstore/columnstore/primitives/blockcache/fsutils.cpp", + "uriBaseId": "SRCROOT" + }, + "region": { + "startColumn": 27, + "endColumn": 79, + "snippet": { + "text": " ssize_t realnamelen = readlink(path.string().c_str(), realname, PATH_MAX);" + } + } + } + } + ], + "fingerprints": { + "contextHash/v1": "52b685022ce9db6c7c332217d74745fc48b65e3e00f2cfdbde8f858d28b8aa9f" + }, + "rank": 1.0 + }, { "ruleId": "FF1035", "level": "error", @@ -354,6 +494,34 @@ }, "rank": 1.0 }, + { + "ruleId": "FF1031", + "level": "error", + "message": { + "text": "race/chown:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)." + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "./storage/columnstore/columnstore/utils/idbdatafile/IDBFileSystem.h", + "uriBaseId": "SRCROOT" + }, + "region": { + "startColumn": 17, + "endColumn": 46, + "snippet": { + "text": " virtual int chown(const char* objectName," + } + } + } + } + ], + "fingerprints": { + "contextHash/v1": "9d9d3ce8ec5fe165af2a81280b5f9cccf73ba9fbb388bc2ffff6abdbdeb37458" + }, + "rank": 1.0 + }, { "ruleId": "FF1033", "level": "error", @@ -410,34 +578,6 @@ }, "rank": 1.0 }, - { - "ruleId": "FF1035", - "level": "error", - "message": { - "text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)." - }, - "locations": [ - { - "physicalLocation": { - "artifactLocation": { - "uri": "./sql/signal_handler.cc", - "uriBaseId": "SRCROOT" - }, - "region": { - "startColumn": 13, - "endColumn": 66, - "snippet": { - "text": " if ((len= readlink(\"/proc/self/cwd\", buff, sizeof(buff))) >= 0)" - } - } - } - } - ], - "fingerprints": { - "contextHash/v1": "b55a5f3db29b1ce25e12f94e4ea344ed7fb0e63a230cf6b6deb42c28de924457" - }, - "rank": 1.0 - }, { "ruleId": "FF1033", "level": "error", @@ -605,6 +745,62 @@ "contextHash/v1": "e307b1923cc852324e3050b3e4423be7ac4d1d64af274b70b897a85b1cde815f" }, "rank": 1.0 + }, + { + "ruleId": "FF1031", + "level": "error", + "message": { + "text": "race/chown:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)." + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "./storage/columnstore/columnstore/utils/idbdatafile/PosixFileSystem.h", + "uriBaseId": "SRCROOT" + }, + "region": { + "startColumn": 9, + "endColumn": 38, + "snippet": { + "text": " int chown(const char* objectName," + } + } + } + } + ], + "fingerprints": { + "contextHash/v1": "edadf52c51b65383fbcdec8fcf70136a279635c3c98024e456b364d81f9605f7" + }, + "rank": 1.0 + }, + { + "ruleId": "FF1033", + "level": "error", + "message": { + "text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)." + }, + "locations": [ + { + "physicalLocation": { + "artifactLocation": { + "uri": "./storage/columnstore/columnstore/versioning/BRM/oidserver.cpp", + "uriBaseId": "SRCROOT" + }, + "region": { + "startColumn": 13, + "endColumn": 93, + "snippet": { + "text": " chmod(fFilename.c_str(), 0664); // XXXPAT: override umask at least for testing" + } + } + } + } + ], + "fingerprints": { + "contextHash/v1": "fab02b6c6609db1b8bb60e7d58130b030d12cced8cf09f8b6ae499171f612a7b" + }, + "rank": 1.0 } ], "externalPropertyFileReferences": {