Fixing security vulnerabilities reported by MSVC security checks

components/containers/partitioned_vector/include/hpx/components/containers/partitioned_vector/partitioned_vector_decl.hpp

@@ -425,7 +425,7 @@ namespace hpx {
                 copy_from(rhs);
         }
 
-        partitioned_vector(partitioned_vector&& rhs)
+        partitioned_vector(partitioned_vector&& rhs) noexcept
           : base_type(HPX_MOVE(rhs))
           , size_(rhs.size_)
           , partition_size_(rhs.partition_size_)
@@ -479,7 +479,7 @@ namespace hpx {
             return *this;
         }
 
-        partitioned_vector& operator=(partitioned_vector&& rhs)
+        partitioned_vector& operator=(partitioned_vector&& rhs) noexcept
         {
             if (this != &rhs)
             {

components/containers/unordered/include/hpx/components/containers/unordered/partition_unordered_map_component.hpp

@@ -108,13 +108,14 @@ namespace hpx { namespace server {
             return *this;
         }
 
-        partition_unordered_map(partition_unordered_map&& rhs)
+        partition_unordered_map(partition_unordered_map&& rhs) noexcept
           : base_type(HPX_MOVE(rhs))
           , partition_unordered_map_(HPX_MOVE(rhs.partition_unordered_map_))
         {
         }
 
-        partition_unordered_map& operator=(partition_unordered_map&& rhs)
+        partition_unordered_map& operator=(
+            partition_unordered_map&& rhs) noexcept
         {
             if (this != &rhs)
             {

components/containers/unordered/include/hpx/components/containers/unordered/unordered_map.hpp

@@ -77,7 +77,7 @@ namespace hpx { namespace server {
             template <typename Archive>
             void serialize(Archive& ar, unsigned)
             {
-                ar& partition_& locality_id_;
+                ar & partition_ & locality_id_;
             }
         };
 
@@ -101,7 +101,7 @@ namespace hpx { namespace server {
         template <typename Archive>
         void serialize(Archive& ar, unsigned)
         {
-            ar& partitions_;
+            ar & partitions_;
         }
     };
 }}    // namespace hpx::server
@@ -593,9 +593,9 @@ namespace hpx {
             copy_from(rhs);
         }
 
-        unordered_map(unordered_map&& rhs)
-          : base_type(HPX_MOVE(rhs))
-          , hash_base_type(HPX_MOVE(rhs))
+        unordered_map(unordered_map&& rhs) noexcept
+          : base_type(HPX_MOVE(static_cast<base_type&&>(rhs)))
+          , hash_base_type(HPX_MOVE(static_cast<hash_base_type&&>(rhs)))
           , partitions_(HPX_MOVE(rhs.partitions_))
         {
         }
@@ -606,7 +606,7 @@ namespace hpx {
                 copy_from(rhs);
             return *this;
         }
-        unordered_map& operator=(unordered_map&& rhs)
+        unordered_map& operator=(unordered_map&& rhs) noexcept
         {
             if (this != &rhs)
             {

components/iostreams/include/hpx/components/iostreams/ostream.hpp

@@ -239,8 +239,16 @@ namespace hpx { namespace iostreams {
             // Create the next buffer, returns the previous buffer
             buffer next = this->detail::buffer::init_locked();
 
-            // Unlock the mutex before we cleanup.
+            // 26110: Caller failing to hold lock 'l'
+#if defined(HPX_MSVC)
+#pragma warning(push)
+#pragma warning(disable : 26110)
+#endif
+            // Unlock the mutex before we clean up.
             l.unlock();
+#if defined(HPX_MSVC)
+#pragma warning(pop)
+#endif
 
             // Perform the write operation, then destroy the old buffer and
             // stream.

components/iostreams/include/hpx/components/iostreams/server/buffer.hpp

@@ -38,7 +38,7 @@ namespace hpx { namespace iostreams { namespace detail {
         {
         }
 
-        buffer(buffer&& rhs)
+        buffer(buffer&& rhs) noexcept
           : data_(HPX_MOVE(rhs.data_))
           , mtx_(HPX_MOVE(rhs.mtx_))
         {
@@ -54,7 +54,7 @@ namespace hpx { namespace iostreams { namespace detail {
             return *this;
         }
 
-        buffer& operator=(buffer&& rhs)
+        buffer& operator=(buffer&& rhs) noexcept
         {
             if (this != &rhs)
             {

components/parcel_plugins/coalescing/include/hpx/parcel_coalescing/counter_registry.hpp

@@ -49,7 +49,7 @@ namespace hpx::plugins::parcel {
             get_counter_type average_time_between_parcels;
             get_counter_values_creator_type
                 time_between_parcels_histogram_creator;
-            std::int64_t min_boundary, max_boundary, num_buckets;
+            std::int64_t min_boundary = 0, max_boundary = 0, num_buckets = 0;
         };
 
         using map_type = std::unordered_map<std::string, counter_functions,

components/parcel_plugins/coalescing/include/hpx/parcel_coalescing/message_buffer.hpp

@@ -54,7 +54,7 @@ namespace hpx::plugins::parcel::detail {
         {
         }
 
-        message_buffer& operator=(message_buffer&& rhs)
+        message_buffer& operator=(message_buffer&& rhs) noexcept
         {
             if (&rhs != this)
             {

components/parcel_plugins/coalescing/src/coalescing_message_handler.cpp

@@ -276,7 +276,16 @@ namespace hpx::plugins::parcel {
         std::swap(buff, buffer_);
 
         ++num_messages_;
+
+        // 26110: Caller failing to hold lock 'l'
+#if defined(HPX_MSVC)
+#pragma warning(push)
+#pragma warning(disable : 26110)
+#endif
         l.unlock();
+#if defined(HPX_MSVC)
+#pragma warning(pop)
+#endif
 
         HPX_ASSERT(nullptr != pp_);
         buff(pp_);    // 'invoke' the buffer

components/process/include/hpx/components/process/util/windows/child.hpp

@@ -3,7 +3,7 @@
 // Copyright (c) 2009 Boris Schaeling
 // Copyright (c) 2010 Felipe Tanus, Boris Schaeling
 // Copyright (c) 2011, 2012 Jeff Flinn, Boris Schaeling
-// Copyright (c) 2016 Hartmut Kaiser
+// Copyright (c) 2016-2024 Hartmut Kaiser
 //
 //  SPDX-License-Identifier: BSL-1.0
 // Distributed under the Boost Software License, Version 1.0. (See accompanying
@@ -19,57 +19,61 @@
 
 #include <windows.h>
 
-namespace hpx { namespace components { namespace process { namespace windows {
+namespace hpx::components::process::windows {
 
-class child
-{
-public:
-    PROCESS_INFORMATION proc_info;
-
-    child()
+    class child
     {
-        std::memset(&proc_info, '\0', sizeof(PROCESS_INFORMATION));
-        proc_info.hProcess = INVALID_HANDLE_VALUE;
-        proc_info.hThread = INVALID_HANDLE_VALUE;
-    }
-
-    explicit child(const PROCESS_INFORMATION &pi)
-      : proc_info(pi)
-    {}
+    public:
+        PROCESS_INFORMATION proc_info;
 
-    ~child()
-    {
-        if (proc_info.hProcess != INVALID_HANDLE_VALUE)
-            ::CloseHandle(proc_info.hProcess);
-        if (proc_info.hThread != INVALID_HANDLE_VALUE)
-            ::CloseHandle(proc_info.hThread);
-    }
+        child()
+        {
+            std::memset(&proc_info, '\0', sizeof(PROCESS_INFORMATION));
+            proc_info.hProcess = INVALID_HANDLE_VALUE;
+            proc_info.hThread = INVALID_HANDLE_VALUE;
+        }
 
-    child(child && c) : proc_info(c.proc_info)
-    {
-        c.proc_info.hProcess = INVALID_HANDLE_VALUE;
-        c.proc_info.hThread = INVALID_HANDLE_VALUE;
-    }
+        explicit child(const PROCESS_INFORMATION& pi)
+          : proc_info(pi)
+        {
+        }
 
-    child &operator=(child && c)
-    {
-        if (this == &c)
+        ~child()
         {
             if (proc_info.hProcess != INVALID_HANDLE_VALUE)
                 ::CloseHandle(proc_info.hProcess);
             if (proc_info.hThread != INVALID_HANDLE_VALUE)
                 ::CloseHandle(proc_info.hThread);
+        }
 
-            proc_info = c.proc_info;
+        child(child&& c) noexcept
+          : proc_info(c.proc_info)
+        {
             c.proc_info.hProcess = INVALID_HANDLE_VALUE;
             c.proc_info.hThread = INVALID_HANDLE_VALUE;
         }
-        return *this;
-    }
 
-    HANDLE process_handle() const { return proc_info.hProcess; }
-};
+        child& operator=(child&& c) noexcept
+        {
+            if (this == &c)
+            {
+                if (proc_info.hProcess != INVALID_HANDLE_VALUE)
+                    ::CloseHandle(proc_info.hProcess);
+                if (proc_info.hThread != INVALID_HANDLE_VALUE)
+                    ::CloseHandle(proc_info.hThread);
+
+                proc_info = c.proc_info;
+                c.proc_info.hProcess = INVALID_HANDLE_VALUE;
+                c.proc_info.hThread = INVALID_HANDLE_VALUE;
+            }
+            return *this;
+        }
 
-}}}}
+        HANDLE process_handle() const
+        {
+            return proc_info.hProcess;
+        }
+    };
+}    // namespace hpx::components::process::windows
 
 #endif

libs/core/affinity/src/parse_affinity_options.cpp

@@ -1270,7 +1270,15 @@ namespace hpx::threads {
                 }
             }
         }
+        // 26819: Unannotated fallthrough between switch labels
+#if defined(HPX_MSVC)
+#pragma warning(push)
+#pragma warning(disable : 26819)
+#endif
         break;
+#if defined(HPX_MSVC)
+#pragma warning(pop)
+#endif
 
         default:
             HPX_ASSERT(false);

libs/core/concurrency/include/hpx/concurrency/detail/tagged_ptr_ptrcompression.hpp

@@ -72,10 +72,18 @@ namespace hpx::lockfree::detail {
         }
 
     public:
+        // 26495: Always initialize a member variable
+#if defined(HPX_MSVC)
+#pragma warning(push)
+#pragma warning(disable : 26495)
+#endif
         /** uninitialized constructor */
         constexpr tagged_ptr() noexcept    //-V730 //-V832
         {
         }
+#if defined(HPX_MSVC)
+#pragma warning(pop)
+#endif
 
         /** copy constructor */
         tagged_ptr(tagged_ptr const& p) = default;

libs/core/concurrency/include/hpx/concurrency/queue.hpp

@@ -96,6 +96,7 @@ namespace hpx::lockfree {
 
             explicit node_data(handle_type null_handle) noexcept
               : next(tagged_node_handle(null_handle, 0))
+              , data()
             {
             }
 

libs/core/errors/include/hpx/errors/exception_fwd.hpp

@@ -40,10 +40,19 @@ namespace hpx {
         /// \endcond
     };
 
+    // 26827: Did you forget to initialize an enum constant, or intend to use
+    // another type?.
+#if defined(HPX_MSVC)
+#pragma warning(push)
+#pragma warning(disable : 26827)
+#endif
     constexpr bool operator&(throwmode lhs, throwmode rhs) noexcept
     {
         return static_cast<int>(lhs) & static_cast<int>(rhs);
     }
+#if defined(HPX_MSVC)
+#pragma warning(pop)
+#endif
 
 #define HPX_THROWMODE_UNSCOPED_ENUM_DEPRECATION_MSG                            \
     "The unscoped throwmode names are deprecated. Please use "                 \

libs/core/lcos_local/include/hpx/lcos_local/channel.hpp

@@ -309,6 +309,11 @@ namespace hpx::lcos::local {
             {
             }
 
+            // 26110: Caller failing to hold lock 'l' before calling function
+#if defined(HPX_MSVC)
+#pragma warning(push)
+#pragma warning(disable : 26110)
+#endif
             template <typename T1, typename Lock>
             hpx::future<void> push(T1&& val, Lock& l)
             {
@@ -387,6 +392,9 @@ namespace hpx::lcos::local {
                 }
                 return hpx::make_ready_future(HPX_MOVE(val));
             }
+#if defined(HPX_MSVC)
+#pragma warning(pop)
+#endif
 
             template <typename Lock>
             bool is_empty(Lock& l) const noexcept

libs/core/lcos_local/include/hpx/lcos_local/receive_buffer.hpp

@@ -151,6 +151,12 @@ namespace hpx::lcos::local {
             return true;
         }
 
+        // 26110: Caller failing to hold lock 'l' before calling function
+        // 26117: Releasing unheld lock '*lock' in function
+#if defined(HPX_MSVC)
+#pragma warning(push)
+#pragma warning(disable : 26110 26117)
+#endif
         template <typename Lock = hpx::no_mutex>
         void store_received(std::size_t step, T&& val, Lock* lock = nullptr)
         {
@@ -184,6 +190,9 @@ namespace hpx::lcos::local {
             // set value in promise, but only after the lock went out of scope
             entry->set_value(HPX_MOVE(val));
         }
+#if defined(HPX_MSVC)
+#pragma warning(pop)
+#endif
 
         bool empty() const noexcept
         {

libs/core/logging/include/hpx/logging/message.hpp

@@ -49,13 +49,12 @@ namespace hpx::util::logging {
         /**
             @param msg - the message that is originally cached
          */
-        explicit message(std::stringstream msg) noexcept
+        explicit message([[maybe_unused]] std::stringstream msg) noexcept
           : m_full_msg_computed(false)
 #if defined(HPX_COMPUTE_HOST_CODE)
           , m_str(HPX_MOVE(msg))
 #endif
         {
-            HPX_UNUSED(msg);
         }
 
         message(message&& other) noexcept

libs/core/runtime_local/include/hpx/runtime_local/thread_mapper.hpp

@@ -61,19 +61,19 @@ namespace hpx::util {
             std::thread::id id_;
 
             // the native_handle() of the associated thread
-            std::uint64_t tid_;
+            std::uint64_t tid_ = 0;
 
 #if defined(HPX_HAVE_PAPI) && defined(__linux__) && !defined(__ANDROID) &&     \
     !defined(ANDROID)
             // the Linux thread id (required by PAPI)
-            pid_t linux_tid_;
+            pid_t linux_tid_ = 0;
 #endif
 
             // callback function invoked when unregistering a thread
             thread_mapper_callback_type cleanup_;
 
             // type of this OS thread in the context of the runtime
-            runtime_local::os_thread_type type_;
+            runtime_local::os_thread_type type_ = os_thread_type::unknown;
         };
     }    // namespace detail