Merge /u/squinky86/flawfinder-2/ branch master into master
https://sourceforge.net/p/flawfinder/code/merge-requests/2/
commit
05ad330a53
15
flawfinder
15
flawfinder
|
@ -816,10 +816,16 @@ def c_static_array(hit):
|
|||
add_warning(hit) # Found a static array, warn about it.
|
||||
|
||||
|
||||
def cpp_unsafe_stl(hit):
|
||||
# Use one of the overloaded classes from the STL in C++14 and higher
|
||||
# instead of the <C++14 versions of theses functions that did not
|
||||
# if the second iterator could overflow
|
||||
if len(hit.parameters) <= 4:
|
||||
add_warning(hit)
|
||||
|
||||
def normal(hit):
|
||||
add_warning(hit)
|
||||
|
||||
|
||||
# "c_ruleset": the rules for identifying "hits" in C (potential warnings).
|
||||
# It's a dictionary, where the key is the function name causing the hit,
|
||||
# and the value is a tuple with the following format:
|
||||
|
@ -1309,6 +1315,13 @@ c_ruleset = {
|
|||
"Make sure input data is filtered, especially if an attacker could manipulate it",
|
||||
"input", "", {'input': 1}),
|
||||
|
||||
# Unsafe STL functions that don't check the second iterator
|
||||
"equal|mismatch|is_permutation":
|
||||
(cpp_unsafe_stl,
|
||||
2, # need further analysis to consider risk level
|
||||
"Function does not check the second iterator for overflow conditions (CWE-119/CWE-120)",
|
||||
"These functions are typically banned by most C++ coding standards in favor of their safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it",
|
||||
"buffer", "", {}),
|
||||
|
||||
# TODO: detect C++'s: cin >> charbuf, where charbuf is a char array; the problem
|
||||
# is that flawfinder doesn't have type information, and ">>" is safe with
|
||||
|
|
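Review bot: The `len(hit.parameters) <= 4` test in `cpp_unsafe_stl` decides by argument count alone, so the predicate overloads such as `equal(first1, last1, first2, pred)`, which leave the second range just as unchecked, are not reported; this assumes `hit.parameters` carries a placeholder at index 0, which is not visible in this hunk. Without type information a four-argument call cannot be told apart from the checked `(first1, last1, first2, last2)` form, so the limitation should at least be stated in the hook, e.g. `# NOTE: 4-argument calls are skipped, so the unsafe (first1, last1, first2, pred) overload is missed.` The existing comment also appears to have lost a word and should read `# instead of the <C++14 versions of these functions that did not check` / `# if the second iterator could overflow`. Because the rule key in `c_ruleset` matches any call named `equal` or `mismatch`, unrelated project functions with up to three arguments will be flagged as well, which the level-2 rating presumably accounts for.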