Use https:, not http:, for cwe.mitre.org
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
This commit is contained in:
parent
6380038c34
commit
2691ac6de5
|
@ -20,8 +20,8 @@ Examining test2.c <br>
|
||||||
<ul>
|
<ul>
|
||||||
<li>test.c:32: <b> [5] </b> (buffer) <i> gets:
|
<li>test.c:32: <b> [5] </b> (buffer) <i> gets:
|
||||||
Does not check for buffer overflows (<a
|
Does not check for buffer overflows (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>, <a
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>, <a
|
||||||
href="http://cwe.mitre.org/data/definitions/20.html">CWE-20</a>). Use
|
href="https://cwe.mitre.org/data/definitions/20.html">CWE-20</a>). Use
|
||||||
fgets() instead. </i>
|
fgets() instead. </i>
|
||||||
<pre>
|
<pre>
|
||||||
gets(f);
|
gets(f);
|
||||||
|
@ -29,7 +29,7 @@ Examining test2.c <br>
|
||||||
<li>test.c:56: <b> [5] </b> (buffer) <i> strncat:
|
<li>test.c:56: <b> [5] </b> (buffer) <i> strncat:
|
||||||
Easily used incorrectly (e.g., incorrectly computing the correct maximum
|
Easily used incorrectly (e.g., incorrectly computing the correct maximum
|
||||||
size to add) [MS-banned] (<a
|
size to add) [MS-banned] (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
|
Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
|
||||||
Risk is high; the length parameter appears to be a constant, instead of
|
Risk is high; the length parameter appears to be a constant, instead of
|
||||||
computing the number of characters left. </i>
|
computing the number of characters left. </i>
|
||||||
|
@ -39,7 +39,7 @@ Examining test2.c <br>
|
||||||
<li>test.c:57: <b> [5] </b> (buffer) <i> _tcsncat:
|
<li>test.c:57: <b> [5] </b> (buffer) <i> _tcsncat:
|
||||||
Easily used incorrectly (e.g., incorrectly computing the correct maximum
|
Easily used incorrectly (e.g., incorrectly computing the correct maximum
|
||||||
size to add) [MS-banned] (<a
|
size to add) [MS-banned] (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
Consider strcat_s, strlcat, or automatically resizing strings. Risk is
|
Consider strcat_s, strlcat, or automatically resizing strings. Risk is
|
||||||
high; the length parameter appears to be a constant, instead of computing
|
high; the length parameter appears to be a constant, instead of computing
|
||||||
the number of characters left. </i>
|
the number of characters left. </i>
|
||||||
|
@ -48,37 +48,37 @@ Examining test2.c <br>
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:60: <b> [5] </b> (buffer) <i> MultiByteToWideChar:
|
<li>test.c:60: <b> [5] </b> (buffer) <i> MultiByteToWideChar:
|
||||||
Requires maximum length in CHARACTERS, not bytes (<a
|
Requires maximum length in CHARACTERS, not bytes (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk is
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk
|
||||||
high, it appears that the size is given as bytes, but the function requires
|
is high, it appears that the size is given as bytes, but the function
|
||||||
size as characters. </i>
|
requires size as characters. </i>
|
||||||
<pre>
|
<pre>
|
||||||
MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof(wszUserName));
|
MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof(wszUserName));
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:62: <b> [5] </b> (buffer) <i> MultiByteToWideChar:
|
<li>test.c:62: <b> [5] </b> (buffer) <i> MultiByteToWideChar:
|
||||||
Requires maximum length in CHARACTERS, not bytes (<a
|
Requires maximum length in CHARACTERS, not bytes (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk is
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk
|
||||||
high, it appears that the size is given as bytes, but the function requires
|
is high, it appears that the size is given as bytes, but the function
|
||||||
size as characters. </i>
|
requires size as characters. </i>
|
||||||
<pre>
|
<pre>
|
||||||
MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof wszUserName);
|
MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof wszUserName);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:73: <b> [5] </b> (misc) <i> SetSecurityDescriptorDacl:
|
<li>test.c:73: <b> [5] </b> (misc) <i> SetSecurityDescriptorDacl:
|
||||||
Never create NULL ACLs; an attacker can set it to Everyone (Deny All
|
Never create NULL ACLs; an attacker can set it to Everyone (Deny All
|
||||||
Access), which would even forbid administrator access (<a
|
Access), which would even forbid administrator access (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/732.html">CWE-732</a>). </i>
|
href="https://cwe.mitre.org/data/definitions/732.html">CWE-732</a>). </i>
|
||||||
<pre>
|
<pre>
|
||||||
SetSecurityDescriptorDacl(&sd,TRUE,NULL,FALSE);
|
SetSecurityDescriptorDacl(&sd,TRUE,NULL,FALSE);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:73: <b> [5] </b> (misc) <i> SetSecurityDescriptorDacl:
|
<li>test.c:73: <b> [5] </b> (misc) <i> SetSecurityDescriptorDacl:
|
||||||
Never create NULL ACLs; an attacker can set it to Everyone (Deny All
|
Never create NULL ACLs; an attacker can set it to Everyone (Deny All
|
||||||
Access), which would even forbid administrator access (<a
|
Access), which would even forbid administrator access (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/732.html">CWE-732</a>). </i>
|
href="https://cwe.mitre.org/data/definitions/732.html">CWE-732</a>). </i>
|
||||||
<pre>
|
<pre>
|
||||||
SetSecurityDescriptorDacl(&sd,TRUE,NULL,FALSE);
|
SetSecurityDescriptorDacl(&sd,TRUE,NULL,FALSE);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:17: <b> [4] </b> (buffer) <i> strcpy:
|
<li>test.c:17: <b> [4] </b> (buffer) <i> strcpy:
|
||||||
Does not check for buffer overflows when copying to destination [MS-banned]
|
Does not check for buffer overflows when copying to destination [MS-banned]
|
||||||
(<a href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
(<a href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily
|
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily
|
||||||
misused). </i>
|
misused). </i>
|
||||||
<pre>
|
<pre>
|
||||||
|
@ -86,61 +86,61 @@ Examining test2.c <br>
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:20: <b> [4] </b> (buffer) <i> sprintf:
|
<li>test.c:20: <b> [4] </b> (buffer) <i> sprintf:
|
||||||
Does not check for buffer overflows (<a
|
Does not check for buffer overflows (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
|
||||||
sprintf_s, snprintf, or vsnprintf. </i>
|
sprintf_s, snprintf, or vsnprintf. </i>
|
||||||
<pre>
|
<pre>
|
||||||
sprintf(s, "hello %s", bug);
|
sprintf(s, "hello %s", bug);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:21: <b> [4] </b> (buffer) <i> sprintf:
|
<li>test.c:21: <b> [4] </b> (buffer) <i> sprintf:
|
||||||
Does not check for buffer overflows (<a
|
Does not check for buffer overflows (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
|
||||||
sprintf_s, snprintf, or vsnprintf. </i>
|
sprintf_s, snprintf, or vsnprintf. </i>
|
||||||
<pre>
|
<pre>
|
||||||
sprintf(s, gettext("hello %s"), bug);
|
sprintf(s, gettext("hello %s"), bug);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:22: <b> [4] </b> (format) <i> sprintf:
|
<li>test.c:22: <b> [4] </b> (format) <i> sprintf:
|
||||||
Potential format string problem (<a
|
Potential format string problem (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/134.html">CWE-134</a>). Make
|
href="https://cwe.mitre.org/data/definitions/134.html">CWE-134</a>). Make
|
||||||
format string constant. </i>
|
format string constant. </i>
|
||||||
<pre>
|
<pre>
|
||||||
sprintf(s, unknown, bug);
|
sprintf(s, unknown, bug);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:23: <b> [4] </b> (format) <i> printf:
|
<li>test.c:23: <b> [4] </b> (format) <i> printf:
|
||||||
If format strings can be influenced by an attacker, they can be exploited
|
If format strings can be influenced by an attacker, they can be exploited
|
||||||
(<a href="http://cwe.mitre.org/data/definitions/134.html">CWE-134</a>). Use
|
(<a href="https://cwe.mitre.org/data/definitions/134.html">CWE-134</a>).
|
||||||
a constant for the format specification. </i>
|
Use a constant for the format specification. </i>
|
||||||
<pre>
|
<pre>
|
||||||
printf(bf, x);
|
printf(bf, x);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:25: <b> [4] </b> (buffer) <i> scanf:
|
<li>test.c:25: <b> [4] </b> (buffer) <i> scanf:
|
||||||
The scanf() family's %s operation, without a limit specification, permits
|
The scanf() family's %s operation, without a limit specification, permits
|
||||||
buffer overflows (<a
|
buffer overflows (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>, <a
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>, <a
|
||||||
href="http://cwe.mitre.org/data/definitions/20.html">CWE-20</a>). Specify a
|
href="https://cwe.mitre.org/data/definitions/20.html">CWE-20</a>). Specify
|
||||||
limit to %s, or use a different input function. </i>
|
a limit to %s, or use a different input function. </i>
|
||||||
<pre>
|
<pre>
|
||||||
scanf("%s", s);
|
scanf("%s", s);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:27: <b> [4] </b> (buffer) <i> scanf:
|
<li>test.c:27: <b> [4] </b> (buffer) <i> scanf:
|
||||||
The scanf() family's %s operation, without a limit specification, permits
|
The scanf() family's %s operation, without a limit specification, permits
|
||||||
buffer overflows (<a
|
buffer overflows (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>, <a
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>, <a
|
||||||
href="http://cwe.mitre.org/data/definitions/20.html">CWE-20</a>). Specify a
|
href="https://cwe.mitre.org/data/definitions/20.html">CWE-20</a>). Specify
|
||||||
limit to %s, or use a different input function. </i>
|
a limit to %s, or use a different input function. </i>
|
||||||
<pre>
|
<pre>
|
||||||
scanf("%s", s);
|
scanf("%s", s);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:38: <b> [4] </b> (format) <i> syslog:
|
<li>test.c:38: <b> [4] </b> (format) <i> syslog:
|
||||||
If syslog's format strings can be influenced by an attacker, they can be
|
If syslog's format strings can be influenced by an attacker, they can be
|
||||||
exploited (<a
|
exploited (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/134.html">CWE-134</a>). Use a
|
href="https://cwe.mitre.org/data/definitions/134.html">CWE-134</a>). Use a
|
||||||
constant format string for syslog. </i>
|
constant format string for syslog. </i>
|
||||||
<pre>
|
<pre>
|
||||||
syslog(LOG_ERR, attacker_string);
|
syslog(LOG_ERR, attacker_string);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:49: <b> [4] </b> (buffer) <i> _mbscpy:
|
<li>test.c:49: <b> [4] </b> (buffer) <i> _mbscpy:
|
||||||
Does not check for buffer overflows when copying to destination [MS-banned]
|
Does not check for buffer overflows when copying to destination [MS-banned]
|
||||||
(<a href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
(<a href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
Consider using a function version that stops copying at the end of the
|
Consider using a function version that stops copying at the end of the
|
||||||
buffer. </i>
|
buffer. </i>
|
||||||
<pre>
|
<pre>
|
||||||
|
@ -149,13 +149,13 @@ Examining test2.c <br>
|
||||||
<li>test.c:52: <b> [4] </b> (buffer) <i> lstrcat:
|
<li>test.c:52: <b> [4] </b> (buffer) <i> lstrcat:
|
||||||
Does not check for buffer overflows when concatenating to destination
|
Does not check for buffer overflows when concatenating to destination
|
||||||
[MS-banned] (<a
|
[MS-banned] (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
|
||||||
<pre>
|
<pre>
|
||||||
lstrcat(d,s);
|
lstrcat(d,s);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:75: <b> [3] </b> (shell) <i> CreateProcess:
|
<li>test.c:75: <b> [3] </b> (shell) <i> CreateProcess:
|
||||||
This causes a new process to execute and is difficult to use safely (<a
|
This causes a new process to execute and is difficult to use safely (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/78.html">CWE-78</a>). Specify
|
href="https://cwe.mitre.org/data/definitions/78.html">CWE-78</a>). Specify
|
||||||
the application path in the first argument, NOT as part of the second, or
|
the application path in the first argument, NOT as part of the second, or
|
||||||
embedded spaces could allow an attacker to force a different program to
|
embedded spaces could allow an attacker to force a different program to
|
||||||
run. </i>
|
run. </i>
|
||||||
|
@ -164,7 +164,7 @@ Examining test2.c <br>
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:75: <b> [3] </b> (shell) <i> CreateProcess:
|
<li>test.c:75: <b> [3] </b> (shell) <i> CreateProcess:
|
||||||
This causes a new process to execute and is difficult to use safely (<a
|
This causes a new process to execute and is difficult to use safely (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/78.html">CWE-78</a>). Specify
|
href="https://cwe.mitre.org/data/definitions/78.html">CWE-78</a>). Specify
|
||||||
the application path in the first argument, NOT as part of the second, or
|
the application path in the first argument, NOT as part of the second, or
|
||||||
embedded spaces could allow an attacker to force a different program to
|
embedded spaces could allow an attacker to force a different program to
|
||||||
run. </i>
|
run. </i>
|
||||||
|
@ -173,15 +173,15 @@ Examining test2.c <br>
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:91: <b> [3] </b> (buffer) <i> getopt_long:
|
<li>test.c:91: <b> [3] </b> (buffer) <i> getopt_long:
|
||||||
Some older implementations do not protect against internal buffer overflows
|
Some older implementations do not protect against internal buffer overflows
|
||||||
(<a href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>, <a
|
(<a href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>, <a
|
||||||
href="http://cwe.mitre.org/data/definitions/20.html">CWE-20</a>). Check
|
href="https://cwe.mitre.org/data/definitions/20.html">CWE-20</a>). Check
|
||||||
implementation on installation, or limit the size of all string inputs. </i>
|
implementation on installation, or limit the size of all string inputs. </i>
|
||||||
<pre>
|
<pre>
|
||||||
while ((optc = getopt_long (argc, argv, "a",longopts, NULL )) != EOF) {
|
while ((optc = getopt_long (argc, argv, "a",longopts, NULL )) != EOF) {
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:16: <b> [2] </b> (buffer) <i> strcpy:
|
<li>test.c:16: <b> [2] </b> (buffer) <i> strcpy:
|
||||||
Does not check for buffer overflows when copying to destination [MS-banned]
|
Does not check for buffer overflows when copying to destination [MS-banned]
|
||||||
(<a href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
(<a href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily
|
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily
|
||||||
misused). Risk is low because the source is a constant string. </i>
|
misused). Risk is low because the source is a constant string. </i>
|
||||||
<pre>
|
<pre>
|
||||||
|
@ -189,7 +189,7 @@ Examining test2.c <br>
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:19: <b> [2] </b> (buffer) <i> sprintf:
|
<li>test.c:19: <b> [2] </b> (buffer) <i> sprintf:
|
||||||
Does not check for buffer overflows (<a
|
Does not check for buffer overflows (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
|
||||||
sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a
|
sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a
|
||||||
constant maximum length. </i>
|
constant maximum length. </i>
|
||||||
<pre>
|
<pre>
|
||||||
|
@ -198,33 +198,33 @@ Examining test2.c <br>
|
||||||
<li>test.c:45: <b> [2] </b> (buffer) <i> char:
|
<li>test.c:45: <b> [2] </b> (buffer) <i> char:
|
||||||
Statically-sized arrays can be improperly restricted, leading to potential
|
Statically-sized arrays can be improperly restricted, leading to potential
|
||||||
overflows or other issues (<a
|
overflows or other issues (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/119.html">CWE-119</a>!/<a
|
href="https://cwe.mitre.org/data/definitions/119.html">CWE-119</a>!/<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Perform
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
bounds checking, use functions that limit length, or ensure that the size
|
Perform bounds checking, use functions that limit length, or ensure that
|
||||||
is larger than the maximum possible length. </i>
|
the size is larger than the maximum possible length. </i>
|
||||||
<pre>
|
<pre>
|
||||||
char d[20];
|
char d[20];
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:46: <b> [2] </b> (buffer) <i> char:
|
<li>test.c:46: <b> [2] </b> (buffer) <i> char:
|
||||||
Statically-sized arrays can be improperly restricted, leading to potential
|
Statically-sized arrays can be improperly restricted, leading to potential
|
||||||
overflows or other issues (<a
|
overflows or other issues (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/119.html">CWE-119</a>!/<a
|
href="https://cwe.mitre.org/data/definitions/119.html">CWE-119</a>!/<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Perform
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
bounds checking, use functions that limit length, or ensure that the size
|
Perform bounds checking, use functions that limit length, or ensure that
|
||||||
is larger than the maximum possible length. </i>
|
the size is larger than the maximum possible length. </i>
|
||||||
<pre>
|
<pre>
|
||||||
char s[20];
|
char s[20];
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:50: <b> [2] </b> (buffer) <i> memcpy:
|
<li>test.c:50: <b> [2] </b> (buffer) <i> memcpy:
|
||||||
Does not check for buffer overflows when copying to destination (<a
|
Does not check for buffer overflows when copying to destination (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Make
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Make
|
||||||
sure destination can always hold the source data. </i>
|
sure destination can always hold the source data. </i>
|
||||||
<pre>
|
<pre>
|
||||||
memcpy(d,s);
|
memcpy(d,s);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:51: <b> [2] </b> (buffer) <i> CopyMemory:
|
<li>test.c:51: <b> [2] </b> (buffer) <i> CopyMemory:
|
||||||
Does not check for buffer overflows when copying to destination (<a
|
Does not check for buffer overflows when copying to destination (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Make
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Make
|
||||||
sure destination can always hold the source data. </i>
|
sure destination can always hold the source data. </i>
|
||||||
<pre>
|
<pre>
|
||||||
CopyMemory(d,s);
|
CopyMemory(d,s);
|
||||||
|
@ -234,13 +234,13 @@ Examining test2.c <br>
|
||||||
force the opening of special file type (e.g., device files), move things
|
force the opening of special file type (e.g., device files), move things
|
||||||
around to create a race condition, control its ancestors, or change its
|
around to create a race condition, control its ancestors, or change its
|
||||||
contents? (<a
|
contents? (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/362.html">CWE-362</a>). </i>
|
href="https://cwe.mitre.org/data/definitions/362.html">CWE-362</a>). </i>
|
||||||
<pre>
|
<pre>
|
||||||
f = fopen("/etc/passwd", "r");
|
f = fopen("/etc/passwd", "r");
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:15: <b> [1] </b> (buffer) <i> strcpy:
|
<li>test.c:15: <b> [1] </b> (buffer) <i> strcpy:
|
||||||
Does not check for buffer overflows when copying to destination [MS-banned]
|
Does not check for buffer overflows when copying to destination [MS-banned]
|
||||||
(<a href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
(<a href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily
|
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily
|
||||||
misused). Risk is low because the source is a constant character. </i>
|
misused). Risk is low because the source is a constant character. </i>
|
||||||
<pre>
|
<pre>
|
||||||
|
@ -248,7 +248,7 @@ Examining test2.c <br>
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:18: <b> [1] </b> (buffer) <i> sprintf:
|
<li>test.c:18: <b> [1] </b> (buffer) <i> sprintf:
|
||||||
Does not check for buffer overflows (<a
|
Does not check for buffer overflows (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
|
||||||
sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a
|
sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a
|
||||||
constant character. </i>
|
constant character. </i>
|
||||||
<pre>
|
<pre>
|
||||||
|
@ -256,7 +256,7 @@ Examining test2.c <br>
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:26: <b> [1] </b> (buffer) <i> scanf:
|
<li>test.c:26: <b> [1] </b> (buffer) <i> scanf:
|
||||||
It's unclear if the %s limit in the format string is small enough (<a
|
It's unclear if the %s limit in the format string is small enough (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Check
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Check
|
||||||
that the limit is sufficiently small, or use a different input function. </i>
|
that the limit is sufficiently small, or use a different input function. </i>
|
||||||
<pre>
|
<pre>
|
||||||
scanf("%10s", s);
|
scanf("%10s", s);
|
||||||
|
@ -264,21 +264,21 @@ Examining test2.c <br>
|
||||||
<li>test.c:53: <b> [1] </b> (buffer) <i> strncpy:
|
<li>test.c:53: <b> [1] </b> (buffer) <i> strncpy:
|
||||||
Easily used incorrectly; doesn't always \0-terminate or check for invalid
|
Easily used incorrectly; doesn't always \0-terminate or check for invalid
|
||||||
pointers [MS-banned] (<a
|
pointers [MS-banned] (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
|
||||||
<pre>
|
<pre>
|
||||||
strncpy(d,s);
|
strncpy(d,s);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:54: <b> [1] </b> (buffer) <i> _tcsncpy:
|
<li>test.c:54: <b> [1] </b> (buffer) <i> _tcsncpy:
|
||||||
Easily used incorrectly; doesn't always \0-terminate or check for invalid
|
Easily used incorrectly; doesn't always \0-terminate or check for invalid
|
||||||
pointers [MS-banned] (<a
|
pointers [MS-banned] (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
|
||||||
<pre>
|
<pre>
|
||||||
_tcsncpy(d,s);
|
_tcsncpy(d,s);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:55: <b> [1] </b> (buffer) <i> strncat:
|
<li>test.c:55: <b> [1] </b> (buffer) <i> strncat:
|
||||||
Easily used incorrectly (e.g., incorrectly computing the correct maximum
|
Easily used incorrectly (e.g., incorrectly computing the correct maximum
|
||||||
size to add) [MS-banned] (<a
|
size to add) [MS-banned] (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
|
||||||
Consider strcat_s, strlcat, snprintf, or automatically resizing strings. </i>
|
Consider strcat_s, strlcat, snprintf, or automatically resizing strings. </i>
|
||||||
<pre>
|
<pre>
|
||||||
strncat(d,s,10);
|
strncat(d,s,10);
|
||||||
|
@ -286,21 +286,21 @@ Examining test2.c <br>
|
||||||
<li>test.c:58: <b> [1] </b> (buffer) <i> strlen:
|
<li>test.c:58: <b> [1] </b> (buffer) <i> strlen:
|
||||||
Does not handle strings that are not \0-terminated; if given one it may
|
Does not handle strings that are not \0-terminated; if given one it may
|
||||||
perform an over-read (it could cause a crash if unprotected) (<a
|
perform an over-read (it could cause a crash if unprotected) (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/126.html">CWE-126</a>). </i>
|
href="https://cwe.mitre.org/data/definitions/126.html">CWE-126</a>). </i>
|
||||||
<pre>
|
<pre>
|
||||||
n = strlen(d);
|
n = strlen(d);
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:64: <b> [1] </b> (buffer) <i> MultiByteToWideChar:
|
<li>test.c:64: <b> [1] </b> (buffer) <i> MultiByteToWideChar:
|
||||||
Requires maximum length in CHARACTERS, not bytes (<a
|
Requires maximum length in CHARACTERS, not bytes (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk is
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk
|
||||||
very low, the length appears to be in characters not bytes. </i>
|
is very low, the length appears to be in characters not bytes. </i>
|
||||||
<pre>
|
<pre>
|
||||||
MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof(wszUserName)/sizeof(wszUserName[0]));
|
MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof(wszUserName)/sizeof(wszUserName[0]));
|
||||||
</pre>
|
</pre>
|
||||||
<li>test.c:66: <b> [1] </b> (buffer) <i> MultiByteToWideChar:
|
<li>test.c:66: <b> [1] </b> (buffer) <i> MultiByteToWideChar:
|
||||||
Requires maximum length in CHARACTERS, not bytes (<a
|
Requires maximum length in CHARACTERS, not bytes (<a
|
||||||
href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk is
|
href="https://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk
|
||||||
very low, the length appears to be in characters not bytes. </i>
|
is very low, the length appears to be in characters not bytes. </i>
|
||||||
<pre>
|
<pre>
|
||||||
MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof wszUserName /sizeof(wszUserName[0]));
|
MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof wszUserName /sizeof(wszUserName[0]));
|
||||||
</pre>
|
</pre>
|
||||||
|
|
|
@ -439,7 +439,7 @@ class Hit(object):
|
||||||
main_text = h("%(warning)s. " % self)
|
main_text = h("%(warning)s. " % self)
|
||||||
if output_format: # Create HTML link to CWE definitions
|
if output_format: # Create HTML link to CWE definitions
|
||||||
main_text = link_cwe_pattern.sub(
|
main_text = link_cwe_pattern.sub(
|
||||||
r'<a href="http://cwe.mitre.org/data/definitions/\2.html">\1</a>\3',
|
r'<a href="https://cwe.mitre.org/data/definitions/\2.html">\1</a>\3',
|
||||||
main_text)
|
main_text)
|
||||||
if single_line:
|
if single_line:
|
||||||
print(main_text, end='')
|
print(main_text, end='')
|
||||||
|
|
|
@ -846,8 +846,8 @@ that can occur in software's architecture, design, code or implementation
|
||||||
that can lead to exploitable security vulnerabilities...
|
that can lead to exploitable security vulnerabilities...
|
||||||
created to serve as a common language for
|
created to serve as a common language for
|
||||||
describing software security weaknesses''
|
describing software security weaknesses''
|
||||||
(http://cwe.mitre.org/about/faq.html).
|
(https://cwe.mitre.org/about/faq.html).
|
||||||
For more information on CWEs, see http://cwe.mitre.org.
|
For more information on CWEs, see https://cwe.mitre.org.
|
||||||
.PP
|
.PP
|
||||||
Flawfinder supports the CWE and is officially CWE-Compatible.
|
Flawfinder supports the CWE and is officially CWE-Compatible.
|
||||||
Hit descriptions typically include a relevant
|
Hit descriptions typically include a relevant
|
||||||
|
@ -869,7 +869,7 @@ all the CWE mappings are listed as separated by commas.
|
||||||
This often occurs with CWE-20, Improper Input Validation;
|
This often occurs with CWE-20, Improper Input Validation;
|
||||||
thus the report "CWE-676, CWE-120" maps to two CWEs.
|
thus the report "CWE-676, CWE-120" maps to two CWEs.
|
||||||
In addition, flawfinder provides additional information for those who are
|
In addition, flawfinder provides additional information for those who are
|
||||||
are interested in the CWE/SANS top 25 list 2011 (http://cwe.mitre.org/top25/)
|
are interested in the CWE/SANS top 25 list 2011 (https://cwe.mitre.org/top25/)
|
||||||
when mappings are not directly to them.
|
when mappings are not directly to them.
|
||||||
Many people will want to search for specific CWEs in this top 25 list,
|
Many people will want to search for specific CWEs in this top 25 list,
|
||||||
such as CWE-120 (classic buffer overflow).
|
such as CWE-120 (classic buffer overflow).
|
||||||
|
|
Loading…
Reference in New Issue