Description
*** CID 1368529: Security best practices violations (TOCTOU)
/test/recovery/random-abort.c: 355 in main()
349
350 absent = count = 0;
351 fatal = false;
352 for (i = 0; i < nth; ++i) {
353 middle = 0;
354 snprintf(fname, sizeof(fname), RECORDS_FILE, i);
>>> CID 1368529: Security best practices violations (TOCTOU)
>>> Calling function "fopen" that uses "fname" after a check function. This can cause a time-of-check, time-of-use race condition.
355 if ((fp = fopen(fname, "r")) == NULL) {
356 fprintf(stderr,
357 "Failed to open %s. i %" PRIu32 "\n", fname, i);
358 testutil_die(errno, "fopen");
359 }
360
*** CID 1368528: (DEADCODE)
/bench/wtperf/wtperf.c: 2533 in main()
2527 req_len += (user_cconfig != NULL ? strlen(user_cconfig) : 0);
2528 req_len += (debug_cconfig != NULL ? strlen(debug_cconfig) : 0);
2529 cc_buf = dmalloc(req_len);
2530
2531 if (wtperf->async_config != NULL &&
2532 strlen(wtperf->async_config)) {
>>> CID 1368528: (DEADCODE)
>>> Execution cannot reach the expression "","" inside this statement: "pos += (uint32_t)snprintf(c...".
2533 pos += (uint32_t)snprintf(
2534 cc_buf + pos, req_len - pos, "%s%s",
2535 append_comma ? "," : "", wtperf->async_config);
2536 append_comma = true;
2537 }
2538 if (wtperf->compress_ext != NULL &&
/bench/wtperf/wtperf.c: 2585 in main()
2579 req_len += (user_tconfig != NULL ? strlen(user_tconfig) : 0);
2580 req_len += (debug_tconfig != NULL ? strlen(debug_tconfig) : 0);
2581 tc_buf = dmalloc(req_len);
2582
2583 if (wtperf->compress_table != NULL &&
2584 strlen(wtperf->compress_table)) {
>>> CID 1368528: (DEADCODE)
>>> Execution cannot reach the expression "","" inside this statement: "pos += (uint32_t)snprintf(t...".
2585 pos += (uint32_t)snprintf(
2586 tc_buf + pos, req_len - pos, "%s%s",
2587 append_comma ? "," : "", wtperf->compress_table);
2588 append_comma = true;
2589 }
2590 if (opts->index) {