mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-15 19:42:28 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

All-green GitLab CI in 10.4 branch

Browse source 
Note to mergers: Do not merge this commit to 10.5+. An additional PR
will be created for the 10.5 branch which is compatible with later
branches.

Include cppcheck and FlawFinder for SAST scanning.

From 10.6, cherry-picked 12bf5c46 (Remove unused French translations in
Connect engine) and c6072ed9 (Ensure that source files contain only
valid UTF8 encodings). Necessary for FlawFinder to execute and useful
anyway.

Removing MSAN build and test as it was not introduced until 10.5 and
does not successfully build.

Remove failing upgrade test since Fedora installs MariaDB 10.5 and the
10.5->10.4 upgrade rightfully complains

Add to skiplist failing test: main.func_math (MDEV-20966)

All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer
Amazon Web Services, Inc.
This commit is contained in:
Robin Newhouse 2023-03-18 00:19:08 +00:00 committed by Andrew Hutchings
parent 1db4fc543b
commit f4ce1e487e
3 changed files with 938 additions and 60 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

125
.gitlab-ci.yml
View file

@ -27,6 +27,7 @@ stages:
- build
- test
- Salsa-CI
- sast
default:
# Base image for builds and tests unless otherwise defined
@ -42,7 +43,7 @@ variables:
CMAKE_FLAGS: "-DPLUGIN_COLUMNSTORE=NO -DPLUGIN_ROCKSDB=NO -DPLUGIN_S3=NO -DPLUGIN_MROONGA=NO -DPLUGIN_CONNECT=NO -DPLUGIN_MROONGA=NO -DPLUGIN_TOKUDB=NO -DPLUGIN_PERFSCHEMA=NO -DWITH_WSREP=OFF"
# Major version dictates which branches share the same ccache. E.g. 10.6-abc
# and 10.6-xyz will have the same cache.
MARIADB_MAJOR_VERSION: "10.6"
MARIADB_MAJOR_VERSION: "10.4"
# NOTE! Currently ccache is only used on the Centos8 build. As each job has
# sufficiently different environments they are unable to benefit from each
# other's ccaches. As each build generates about 1 GB of ccache, having
@ -206,7 +207,7 @@ fedora-sanitizer:
- builddir/_CPack_Packages/Linux/RPM/SPECS/
parallel:
matrix:
- SANITIZER: [-DWITH_ASAN=YES, -DWITH_TSAN=YES, -DWITH_UBSAN=YES, -DWITH_MSAN=YES]
- SANITIZER: [-DWITH_ASAN=YES, -DWITH_TSAN=YES, -DWITH_UBSAN=YES]
centos8:
stage: build
@ -298,6 +299,7 @@ centos7:
main.mysqldump : Field separator argument is not what is expected; check the manual when executing 'SELECT INTO OUTFILE'
main.flush_logs_not_windows : query 'flush logs' succeeded - should have failed with error ER_CANT_CREATE_FILE (1004)
main.mysql_upgrade_noengine : upgrade output order does not match the expected
main.func_math : MDEV-20966 - Wrong error code
" > skiplist
- ./mtr --suite=main --force --parallel=auto --xml-report=$CI_PROJECT_DIR/junit.xml --skip-test-list=skiplist $RESTART_POLICY
@ -331,6 +333,7 @@ mysql-test-run-asan:
needs:
- "fedora-sanitizer: [-DWITH_ASAN=YES]"
<<: *mysql-test-run-def
allow_failure: true
artifacts:
when: always # Also show results when tests fail
reports:
@ -369,22 +372,6 @@ mysql-test-run-ubsan:
junit:
- junit.xml
mysql-test-run-msan:
stage: test
variables:
RESTART_POLICY: "--force-restart"
dependencies:
- "fedora-sanitizer: [-DWITH_MSAN=YES]"
needs:
- "fedora-sanitizer: [-DWITH_MSAN=YES]"
<<: *mysql-test-run-def
allow_failure: true
artifacts:
when: always # Also show results when tests fail
reports:
junit:
- junit.xml
rpmlint:
stage: test
dependencies:
@ -439,52 +426,70 @@ fedora install:
- installed-database.sql
- upgraded-database.sql
fedora upgrade:
stage: test
dependencies:
- fedora
needs:
- fedora
cppcheck:
stage: sast
needs: []
variables:
GIT_STRATEGY: fetch
GIT_SUBMODULE_STRATEGY: normal
script:
- dnf install -y mariadb-server
# Fedora does not support running services in Docker (like Debian packages do) so start it manually
- /usr/libexec/mariadb-check-socket
- /usr/libexec/mariadb-prepare-db-dir
- sudo -u mysql /usr/libexec/mariadbd --basedir=/usr & sleep 10
# Dump database contents in installed state
- mariadb-dump --all-databases --all-tablespaces --triggers --routines --events --skip-extended-insert > old-installed-database.sql
- /usr/libexec/mariadb-check-upgrade
# Dump database contents in upgraded state
- mariadb-dump --all-databases --all-tablespaces --triggers --routines --events --skip-extended-insert > old-upgraded-database.sql
- mariadb --skip-column-names -e "SELECT @@version, @@version_comment" # Show version
# @TODO: Upgrade from Fedora 33 MariaDB 10.4 to MariaDB.org latest does not work
# so do this manual step to remove conflicts until packaging is fixed
- yum remove -y mariadb-server-utils mariadb-gssapi-server mariadb-cracklib-password-check mariadb-backup mariadb-connector-c-config
- rm -f rpm/*debuginfo* # Not relevant in this test
- yum install -y rpm/*.rpm
# nothing provides galera-4 on Fedora, so this step fails if built with wsrep
- mysql -e "SHUTDOWN;"
- /usr/bin/mariadb-install-db # This step should not do anything on upgrades, just exit
- sudo -u mysql /usr/sbin/mariadbd & sleep 10
# Dump database contents in installed state
- mariadb-dump --all-databases --all-tablespaces --triggers --routines --events --skip-extended-insert > new-installed-database.sql || true
# The step above fails on: mariadb-dump: Couldn't execute 'show events': Cannot proceed, because event scheduler is disabled (1577)
# @TODO: Since we did a manual start, we also need to run upgrade manually
- /usr/bin/mariadb-upgrade
# Dump database contents in upgraded state
- mariadb-dump --all-databases --all-tablespaces --triggers --routines --events --skip-extended-insert > new-upgraded-database.sql
- |
mariadb --skip-column-names -e "SELECT @@version, @@version_comment" | tee /tmp/version
grep $MARIADB_MAJOR_VERSION /tmp/version || echo "MariaDB didn't upgrade properly"
- mariadb --table -e "SELECT * FROM mysql.global_priv; SHOW CREATE USER root@localhost; SHOW CREATE USER 'mariadb.sys'@localhost"
- mariadb --table -e "SELECT * FROM mysql.plugin; SHOW PLUGINS"
- yum install -y cppcheck diffutils
# --template: use a single-line template
# --force: check large directories without warning
# -i<directory>: ignore this directory when scanning
# -j: run multiple cppcheck threads
# Use newline to escape colon in yaml
- >
cppcheck --template="{file}:{line}: {severity}: {message}" --force
client dbug extra include libmariadb libmysqld libservices mysql-test mysys mysys_ssl pcre plugin
strings tests unittest vio wsrep-lib sql sql-common storage
-istorage/mroonga -istorage/tokudb -istorage/spider -istorage/rocksdb -iextra/ -ilibmariadb/ -istorage/columnstore
--output-file=cppcheck.txt -j $(nproc)
# Parallel jobs may output findings in an nondeterministic order. Sort to match ignorelist.
- cat cppcheck.txt | sort > cppcheck_sorted.txt
# Remove line numbers for diff
- sed 's/:[^:]*:/:/' cppcheck_sorted.txt > cppcheck_sorted_no_line_numbers.txt
# Only print new issues not found in ignore list
- echo "Problems found in ignore list that were not discovered by cppcheck (may have been fixed)."
- diff --changed-group-format='%>' --unchanged-group-format='' cppcheck_sorted_no_line_numbers.txt tests/code_quality/cppcheck_ignorelist.txt || true
- echo "Problems found by cppcheck that were not in ignore list."
- diff --changed-group-format='%<' --unchanged-group-format='' cppcheck_sorted_no_line_numbers.txt tests/code_quality/cppcheck_ignorelist.txt > lines_not_ignored.txt || true
- cat lines_not_ignored.txt && test ! -s lines_not_ignored.txt
artifacts:
when: always
paths:
- old-installed-database.sql
- old-upgraded-database.sql
- new-installed-database.sql
- new-upgraded-database.sql
- cppcheck_sorted.txt
flawfinder:
stage: sast
needs: []
variables:
GIT_STRATEGY: fetch
GIT_SUBMODULE_STRATEGY: normal
script:
- yum install -y python3 python3-pip jq diffutils git
- pip install flawfinder
- flawfinder --falsepositive --quiet --html . > flawfinder-all-vulnerabilities.html
- cat flawfinder-all-vulnerabilities.html | grep "Hits ="
- flawfinder --falsepositive --quiet --minlevel=5 --sarif . > flawfinder-output.json
# FlawFinder's --sarif output will display all vulnerabilities despite having --minlevel=5 specified.
# Therefore, we postprocess the results with jq and filter out findings where the vulnerability level is less than 5.
# Also in the SARIF output format, the vulnerabilities are ranked as 0.2/0.4/0.6/0.8/1.0 which correspond to the --minlevel=1/2/3/4/5 of FlawFinder.
# Additionally, we sort the results because individual findings are consistent across different runs, but their ordering may not be.
# Vulnerabilities can also be ignored in-line (/* Flawfinder: ignore */), but this option was chosen as to not clutter the codebase.
- jq 'del(.runs[] | .tool | .driver | .rules) | del(.runs[] | .results[] | select(.rank < 1)) | del(.runs[] | .results[] | .locations[] | .physicalLocation | .region | .startLine) | .runs[0].results|=sort_by(.fingerprints)' flawfinder-output.json > flawfinder-min-level5.json
# Diff against known vulnerabilities, but ignore the line number.
- echo "Problems found in ignore list that were not discovered by flawfinder (may have been fixed)."
- diff --changed-group-format='%>' --unchanged-group-format='' flawfinder-min-level5.json tests/code_quality/flawfinder_ignorelist.json || true
- echo "Problems found by flawfinder that were not in ignore list."
- diff --changed-group-format='%<' --unchanged-group-format='' flawfinder-min-level5.json tests/code_quality/flawfinder_ignorelist.json > lines_not_ignored.txt || true
- cat lines_not_ignored.txt && test ! -s lines_not_ignored.txt
artifacts:
when: always
paths:
- flawfinder-all-vulnerabilities.html
- flawfinder-min-level5.json
# Once all RPM builds and tests have passed, also run the DEB builds and tests
# @NOTE: This is likely to work well only on salsa.debian.org as the Gitlab.com
# runners are too small for everything this stage does.

251
tests/code_quality/cppcheck_ignorelist.txt Normal file
View file

@ -0,0 +1,251 @@
client/mysql.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
client/mysql_upgrade.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
client/mysqladmin.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
client/mysqlbinlog.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
client/mysqlcheck.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
client/mysqlimport.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
client/mysqlshow.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
client/mysqltest.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
dbug/tests.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
lexyy.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
mysql-test/lib/My/SafeProcess/safe_process_win.cc: error: Uninitialized variable: message_text
mysys/mf_keycache.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
mysys/my_delete.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
mysys/my_fopen.c: error: Return value of allocation function 'freopen' is not stored.
mysys/my_getsystime.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
mysys/my_pread.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
mysys/my_rename.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
mysys/my_winfile.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
mysys/my_write.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
mysys/thr_lock.c: error: There is an unknown macro here somewhere. Configuration is required. If MYSQL_TABLE_WAIT_VARIABLES is a macro then please configure it.
mysys/tree.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
pcre/pcrecpp.cc: warning: Uninitialized variable: kmat
pcre/pcrecpp.h: error: syntax error
pcre/pcregrep.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/audit_null/audit_null.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_ed25519/server_ed25519.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_examples/auth_0x0100.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_examples/dialog_examples.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_examples/qa_auth_interface.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_examples/qa_auth_server.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_examples/test_plugin.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_gssapi/server_plugin.cc: error: syntax error
plugin/auth_gssapi/sspi.h: error: #include nested too deeply
plugin/auth_pam/auth_pam.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_pam/auth_pam_v1.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_pipe/auth_pipe.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/auth_socket/auth_socket.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/aws_key_management/aws_key_management_plugin.cc: error: syntax error
plugin/cracklib_password_check/cracklib_password_check.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/daemon_example/daemon_example.cc: error: syntax error
plugin/debug_key_management/debug_key_management_plugin.cc: error: syntax error
plugin/disks/information_schema_disks.cc: error: syntax error
plugin/example_key_management/example_key_management_plugin.cc: error: syntax error
plugin/feedback/feedback.cc: error: syntax error
plugin/file_key_management/file_key_management_plugin.cc: error: syntax error
plugin/fulltext/plugin_example.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/handler_socket/handlersocket/handlersocket.cpp: error: syntax error
plugin/locale_info/locale_info.cc: error: syntax error
plugin/metadata_lock_info/metadata_lock_info.cc: error: syntax error
plugin/metadata_lock_info/metadata_lock_info.cc: error: syntax error
plugin/qc_info/qc_info.cc: error: syntax error
plugin/query_response_time/plugin.cc: error: syntax error
plugin/query_response_time/query_response_time.cc: error: Array 'm_count[41]' accessed at index 43, which is out of bounds.
plugin/query_response_time/query_response_time.cc: error: Array 'm_total[41]' accessed at index 43, which is out of bounds.
plugin/server_audit/server_audit.c: error: Uninitialized variable: &tm_time
plugin/server_audit/server_audit.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/server_audit/server_audit.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/server_audit/server_audit.c: error: Uninitialized variable: &tm_time
plugin/simple_password_check/simple_password_check.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/sql_errlog/sql_errlog.c: error: Found a exit path from function with non-void return type that has missing return statement
plugin/sql_errlog/sql_errlog.c: error: Uninitialized variable: &t
plugin/user_variables/user_variables.cc: error: syntax error
plugin/userstat/userstat.cc: error: syntax error
plugin/versioning/versioning.cc: error: syntax error
plugin/wsrep_info/plugin.cc: error: syntax error
sql-common/client.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
sql-common/client_plugin.c: error: va_list 'unused' used before va_start() was called.
sql-common/client_plugin.c: error: va_list 'unused' used before va_start() was called.
sql-common/client_plugin.c: error: va_list 'unused' used before va_start() was called.
sql-common/client_plugin.c: error: va_list 'unused' used before va_start() was called.
sql/debug_sync.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE is a macro then please configure it.
sql/gcalc_slicescan.cc: warning: Possible null pointer dereference: first_bottom_point
sql/gen_lex_hash.cc: error: Common realloc mistake: 'hash_map' nulled but not freed upon failure
sql/handler.h: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
sql/log.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
sql/log_event.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
sql/log_event_old.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
sql/net_serv.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
sql/protocol.h: error: syntax error
sql/rpl_utility.h: error: There is an unknown macro here somewhere. Configuration is required. If CPP_UNNAMED_NS_START is a macro then please configure it.
sql/semisync_slave.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
sql/sql_select.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
sql/sql_string.cc: warning: Iterators to containers from different expressions 'to' and 'from' are used together.
sql/table.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
sql/winservice.c: error: Resource leak: mysql_upgrade_info
sql/wsrep_thd.h: error: failed to expand 'wsrep_create_appliers', Wrong number of parameters for macro 'wsrep_create_appliers'.
storage/archive/azio.c: error: Syntax Error: AST broken, 'if' doesn't have two operands.
storage/archive/ha_archive.cc: error: syntax error
storage/blackhole/ha_blackhole.cc: error: syntax error
storage/cassandra/gen-cpp/Cassandra_server.skeleton.cpp: error: Found a exit path from function with non-void return type that has missing return statement
storage/cassandra/ha_cassandra.cc: error: syntax error
storage/connect/connect.cc: error: Uninitialized variable: lg
storage/connect/domdoc.cpp: error: syntax error
storage/connect/ha_connect.cc: error: syntax error
storage/connect/myconn.cpp: error: Unmatched '{'. Configuration: 'ALPHA;MYSQL_PREPARED_STATEMENTS'.
storage/connect/myconn.cpp: error: Unmatched '{'. Configuration: 'MYSQL_PREPARED_STATEMENTS'.
storage/connect/odbconn.cpp: warning: Uninitialized variable: b
storage/connect/odbconn.cpp: warning: Uninitialized variable: b
storage/connect/odbconn.cpp: warning: Uninitialized variable: b
storage/connect/plugutil.cpp: error: Width 255 given in format string (no. 2) is larger than destination buffer 'stmsg[200]', use %199[^\"] to prevent overflowing it.
storage/connect/plugutil.cpp: error: Width 255 given in format string (no. 1) is larger than destination buffer 'stmsg[200]', use %199[^\"] to prevent overflowing it.
storage/connect/tabjson.cpp: warning: Possible null pointer dereference: Val
storage/connect/tabmul.cpp: error: Uninitialized variable: buf
storage/connect/tabmul.cpp: error: Uninitialized variable: buf
storage/connect/tabmul.cpp: error: Uninitialized variable: buf
storage/connect/taboccur.cpp: warning: Uninitialized variable: *pcrp
storage/connect/unzip.c: warning: Uninitialized variable: *pzlib_filefunc64_32_def.zopen32_file
storage/connect/value.cpp: error: Signed integer overflow for expression 'n*126230400'.
storage/connect/zip.c: warning: Uninitialized variable: *pzlib_filefunc64_32_def.zopen32_file
storage/csv/ha_tina.cc: error: syntax error
storage/example/ha_example.cc: error: syntax error
storage/federated/ha_federated.cc: error: syntax error
storage/heap/ha_heap.cc: error: syntax error
storage/innobase/btr/btr0btr.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/btr/btr0cur.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/btr/btr0defragment.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it.
storage/innobase/btr/btr0sea.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/buf/buf0buf.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/buf/buf0dump.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it.
storage/innobase/buf/buf0flu.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it.
storage/innobase/buf/buf0lru.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/dict/dict0crea.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/dict/dict0dict.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/dict/dict0load.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/dict/dict0stats.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/dict/dict0stats_bg.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it.
storage/innobase/fil/fil0crypt.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/fil/fil0fil.cc: error: syntax error
storage/innobase/fsp/fsp0file.cc: error: Resource leak: file
storage/innobase/fsp/fsp0fsp.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/fts/fts0fts.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/fts/fts0opt.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/fts/fts0que.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/gis/gis0rtree.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/gis/gis0sea.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/handler/ha_innodb.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/handler/handler0alter.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/handler/i_s.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/ibuf/ibuf0ibuf.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/ibuf/ibuf0ibuf.cc: error: failed to expand 'ibuf_bitmap_page_get_bits', Wrong number of parameters for macro 'ibuf_bitmap_page_get_bits'.
storage/innobase/lock/lock0lock.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/lock/lock0wait.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/lock/lock0wait.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/log/log0log.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/log/log0recv.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/os/os0file.cc: error: syntax error
storage/innobase/page/page0page.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/page/page0zip.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/pars/pars0pars.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/row/row0ftsort.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/row/row0import.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/row/row0ins.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/row/row0log.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/row/row0merge.cc: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/innobase/row/row0mysql.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/row/row0quiesce.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/row/row0sel.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/row/row0umod.cc: error: There is an unknown macro here somewhere. Configuration is required. If ut_d is a macro then please configure it.
storage/innobase/row/row0upd.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/row/row0vers.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/srv/srv0conc.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ALIGNED is a macro then please configure it.
storage/innobase/srv/srv0srv.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/srv/srv0start.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ATTRIBUTE is a macro then please configure it.
storage/innobase/trx/trx0i_s.cc: error: Array 'table_cache->chunks[39]' accessed at index 39, which is out of bounds.
storage/innobase/trx/trx0i_s.cc: error: Array 'table_cache->chunks[39]' accessed at index 39, which is out of bounds.
storage/innobase/trx/trx0purge.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/trx/trx0rec.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/trx/trx0roll.cc: error: There is an unknown macro here somewhere. Configuration is required. If DECLARE_THREAD is a macro then please configure it.
storage/innobase/trx/trx0trx.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/innobase/trx/trx0undo.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ha_maria.cc: error: syntax error
storage/maria/ma_bitmap.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_blockrec.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_check.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_checkpoint.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_delete.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/maria/ma_delete.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_ft_parser.c: error: Address of local auto-variable assigned to a function parameter.
storage/maria/ma_key.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_loghandler.c: warning: Uninitialized variable: data->current_offset
storage/maria/ma_open.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/maria/ma_pagecache.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_pagecache.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_range.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_recovery_util.c: error: va_start() or va_copy() called subsequently on 'args' without va_end() in between.
storage/maria/ma_rkey.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_rt_index.c: error: failed to expand 'rt_PAGE_END', Wrong number of parameters for macro 'rt_PAGE_END'.
storage/maria/ma_search.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_sp_key.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_update.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/maria/ma_update.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/ma_write.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/maria/ma_write.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/maria/maria_pack.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/ft_parser.c: error: Address of local auto-variable assigned to a function parameter.
storage/myisam/ha_myisam.cc: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_check.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_close.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/myisam/mi_delete.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_key.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_locking.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_open.c: error: There is an unknown macro here somewhere. Configuration is required. If DBUG_EXECUTE_IF is a macro then please configure it.
storage/myisam/mi_range.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_rkey.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_search.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_update.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/mi_write.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisam/myisampack.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
storage/myisammrg/ha_myisammrg.cc: error: syntax error
storage/oqgraph/ha_oqgraph.cc: error: syntax error
storage/perfschema/ha_perfschema.cc: error: syntax error
storage/perfschema/pfs_instr.h: error: Uninitialized variable: m_has_io_stats
storage/perfschema/pfs_instr.h: error: Uninitialized variable: m_has_lock_stats
storage/perfschema/pfs_instr_class.cc: error: There is an unknown macro here somewhere. Configuration is required. If MY_ALIGNED is a macro then please configure it.
storage/perfschema/table_accounts.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_esgs_by_account_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_esgs_by_host_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_esgs_by_user_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_esms_by_account_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_esms_by_host_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_esms_by_user_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_events_waits.cc: error: Uninitialized struct member: wait.m_wait_class
storage/perfschema/table_events_waits.cc: error: Uninitialized variable: wait
storage/perfschema/table_events_waits.cc: error: Uninitialized struct member: wait.m_wait_class
storage/perfschema/table_ews_by_account_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_ews_by_host_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_ews_by_user_by_event_name.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_hosts.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_setup_actors.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_threads.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/perfschema/table_users.cc: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
storage/sequence/sequence.cc: error: syntax error
storage/test_sql_discovery/test_sql_discovery.cc: error: syntax error
strings/decimal.c: warning: Possible null pointer dereference: to
strings/dump_map.c: error: Array 'fromstat[256]' accessed at index 256, which is out of bounds.
tests/mysql_client_fw.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
tests/thread_test.c: error: There is an unknown macro here somewhere. Configuration is required. If STRINGIFY_ARG is a macro then please configure it.
unittest/mysys/dynstring-t.c: error: syntax error
unittest/mysys/queues-t.c: error: Uninitialized variable: i
unittest/mysys/waiting_threads-t.c: error: Uninitialized variable: m
unittest/mytap/tap.c: error: va_list 'ap' used before va_start() was called.
unittest/mytap/tap.c: error: va_list 'ap' used before va_start() was called.
unittest/mytap/tap.c: error: va_list 'ap' used before va_start() was called.
unittest/mytap/tap.c: error: va_list 'ap' used before va_start() was called.
vio/viosocket.c: error: There is an unknown macro here somewhere. Configuration is required. If MYSQL_SOCKET_WAIT_VARIABLES is a macro then please configure it.
vio/viosocket.c: error: There is an unknown macro here somewhere. Configuration is required. If MYSQL_SOCKET_WAIT_VARIABLES is a macro then please configure it.
vio/viosslfactories.c: error: There is an unknown macro here somewhere. Configuration is required. If ; is a macro then please configure it.
vio/viotest-sslconnect.cc: error: Memory pointed to by 'vio' is freed twice.
vio/viotest-sslconnect.cc: error: Memory pointed to by 'ssl_connector' is freed twice.
wsrep-lib/src/server_state.cpp: error: syntax error: keyword 'try' is not allowed in global scope
wsrep-lib/src/thread_service_v1.cpp: error: Rethrowing current exception with 'throw;', it seems there is no current exception to rethrow. If there is no current exception this calls std::terminate(). More: https://isocpp.org/wiki/faq/exceptions#throw-without-an-object

622
tests/code_quality/flawfinder_ignorelist.json Normal file
View file

@ -0,0 +1,622 @@
{
"$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "Flawfinder",
"version": "2.0.19",
"informationUri": "https://dwheeler.com/flawfinder/",
"supportedTaxonomies": [
{
"name": "CWE",
"guid": "FFC64C90-42B6-44CE-8BEB-F6B7DAE649E5"
}
]
}
},
"columnKind": "utf16CodeUnits",
"results": [
{
"ruleId": "FF1010",
"level": "error",
"message": {
"text": "buffer/strncat:Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/tokudb/PerconaFT/portability/file.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 5,
"endColumn": 39,
"snippet": {
"text": " strncat(buf, path, TOKU_PATH_MAX);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "02af921b7054342955d8e30b196aa5ffdc3b1ac019e26c92823a7ab171d2b1fa"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/tokudb/PerconaFT/ft/logger/logformat.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 5,
"endColumn": 40,
"snippet": {
"text": " chmod(headerpath, S_IRUSR|S_IWUSR);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "085f579f942967e5c81fff75af832721b7b9bc59e54a7a9ebc086065cf56be13"
},
"rank": 1.0
},
{
"ruleId": "FF1035",
"level": "error",
"message": {
"text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/tokudb/PerconaFT/portability/file.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 25,
"endColumn": 63,
"snippet": {
"text": " ssize_t s = readlink(fdname, lname, sizeof lname);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "0dba1d2cdc995ccf30ad8fe5ce3ccf8795bd4f5a207f65c627affa2ef388496c"
},
"rank": 1.0
},
{
"ruleId": "FF1035",
"level": "error",
"message": {
"text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./extra/mariabackup/xtrabackup.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 17,
"endColumn": 57,
"snippet": {
"text": " ssize_t ret = readlink(\"/proc/self/exe\", buf, size-1);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "11523490c7f8cba115bce125bbce94de5cd5e7f66d4dd07a391aac70fbbdd353"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./client/mysqltest.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 13,
"endColumn": 38,
"snippet": {
"text": " err_code= chmod(ds_file.str, mode);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "12a7fa6bbd4c81be975838bae2b7b26fe841acaf9804e6d0299188683e230908"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/tokudb/PerconaFT/ft/logger/logformat.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 5,
"endColumn": 38,
"snippet": {
"text": " chmod(codepath, S_IRUSR|S_IWUSR);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "2827dedcdf10af2bf4105f3d48e30575238fa2552603cdcb09d536b288808f0e"
},
"rank": 1.0
},
{
"ruleId": "FF1014",
"level": "error",
"message": {
"text": "buffer/gets:Does not check for buffer overflows (CWE-120, CWE-20)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./extra/readline/tilde.c",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 12,
"endColumn": 24,
"snippet": {
"text": " if (!gets (line))"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "34a940ccc6e0248a2cf725e8a0c3f808d1f36d47fc814bd9daadb17f5563d357"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./sql/sql_class.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 10,
"endColumn": 28,
"snippet": {
"text": " (void) chmod(path, 0644);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "3f97fd0452062ab69db87a04222a17c37c216c4e28e2ae3622730da8dd070d2e"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./mysys/my_chmod.c",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 7,
"endColumn": 25,
"snippet": {
"text": " if (chmod(name, mode))"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "46805eec1d288b072d4edb3214822220d394307195be79a33ec3bce455d14750"
},
"rank": 1.0
},
{
"ruleId": "FF1010",
"level": "error",
"message": {
"text": "buffer/strncat:Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/tokudb/PerconaFT/ft/tests/recovery-datadir-is-file.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 9,
"endColumn": 47,
"snippet": {
"text": " strncat(buf, testfile, TOKU_PATH_MAX);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "4ca2dff1e35445f7997a9979cdd006d89befcc89922cf5d4a60bc9c07126a78d"
},
"rank": 1.0
},
{
"ruleId": "FF1035",
"level": "error",
"message": {
"text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./mysys/my_symlink.c",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 15,
"endColumn": 56,
"snippet": {
"text": " if ((length=readlink(filename, to, FN_REFLEN-1)) < 0)"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "7da5207ac0f5baba73c026472a2d3805eed92931852575db64f513702977dd70"
},
"rank": 1.0
},
{
"ruleId": "FF1031",
"level": "error",
"message": {
"text": "race/chown:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./mysys/my_redel.c",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 7,
"endColumn": 49,
"snippet": {
"text": " if (chown(to, statbuf.st_uid, statbuf.st_gid))"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "97d2cfe4cb9428e812b796eb39c27f28dc8b198ab9655c2aff8c442de39bdcfe"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/tokudb/PerconaFT/ft/logger/logformat.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 9,
"endColumn": 50,
"snippet": {
"text": " chmod(codepath, S_IRUSR|S_IRGRP|S_IROTH);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "a62b28fca5c6218ee4731e78bb3eacb93604fae20c91c69cccad3834973e70d5"
},
"rank": 1.0
},
{
"ruleId": "FF1035",
"level": "error",
"message": {
"text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/rocksdb/rocksdb/port/stack_trace.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 15,
"endColumn": 54,
"snippet": {
"text": " auto read = readlink(link, name, sizeof(name) - 1);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "acb399f2a4a15ef8da36c47631bc4ee4bcc1bb0577dfbda141d2eb5d7723af40"
},
"rank": 1.0
},
{
"ruleId": "FF1035",
"level": "error",
"message": {
"text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./sql/signal_handler.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 13,
"endColumn": 66,
"snippet": {
"text": " if ((len= readlink(\"/proc/self/cwd\", buff, sizeof(buff))) >= 0)"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "b55a5f3db29b1ce25e12f94e4ea344ed7fb0e63a230cf6b6deb42c28de924457"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./mysys/my_copy.c",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 9,
"endColumn": 46,
"snippet": {
"text": " if (chmod(to, stat_buff.st_mode & 07777))"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "bddb795a7efbd73a4387bbd33fd4f9e505b4f759d784e5d51f60cc43011ee610"
},
"rank": 1.0
},
{
"ruleId": "FF1031",
"level": "error",
"message": {
"text": "race/chown:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./mysys/my_copy.c",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 9,
"endColumn": 55,
"snippet": {
"text": " if (chown(to, stat_buff.st_uid, stat_buff.st_gid))"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "c63a81105d753de4762cbcab48d9700f7069da3cd9d57bf4329a6d20fad288aa"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/tokudb/PerconaFT/ft/logger/logformat.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 9,
"endColumn": 52,
"snippet": {
"text": " chmod(headerpath, S_IRUSR|S_IRGRP|S_IROTH);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "cc51b21d9b803a08b6c619b63abf77f4ca9ce247db0ef1b81f4bd83dfb95f3d8"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./sql/mysqld.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 12,
"endColumn": 71,
"snippet": {
"text": " (void) chmod(mysqld_unix_port,S_IFSOCK);\t/* Fix solaris 2.6 bug */"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "d0c4f1302290e2367e246ef7c8d3ea69589cbc4bc148e0efdd4c283fa03cbe01"
},
"rank": 1.0
},
{
"ruleId": "FF1033",
"level": "error",
"message": {
"text": "race/chmod:This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./mysys/my_redel.c",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 7,
"endColumn": 42,
"snippet": {
"text": " if (chmod(to, statbuf.st_mode & 07777))"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "e11b8df9cbb9e459e4d67a0af5e627b6b1285c78fe23f5a1c823285da96495a8"
},
"rank": 1.0
},
{
"ruleId": "FF1035",
"level": "error",
"message": {
"text": "race/readlink:This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20)."
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "./storage/tokudb/PerconaFT/portability/file.cc",
"uriBaseId": "SRCROOT"
},
"region": {
"startColumn": 29,
"endColumn": 67,
"snippet": {
"text": " ssize_t n = readlink(fname, symname, MY_MAX_PATH);"
}
}
}
}
],
"fingerprints": {
"contextHash/v1": "e307b1923cc852324e3050b3e4423be7ac4d1d64af274b70b897a85b1cde815f"
},
"rank": 1.0
}
],
"externalPropertyFileReferences": {
"taxonomies": [
{
"location": {
"uri": "https://raw.githubusercontent.com/sarif-standard/taxonomies/main/CWE_v4.4.sarif"
},
"guid": "FFC64C90-42B6-44CE-8BEB-F6B7DAE649E5"
}
]
}
}
]
}