Function cwe_checker_lib::checkers::cwe_134::check_cwe

source ·

pub fn check_cwe(
    analysis_results: &AnalysisResults<'_>,
    cwe_params: &Value
) -> (Vec<LogMessage>, Vec<CweWarning>)

Expand description

This check searches for external symbols that take a format string as an input parameter. It then checks whether the parameter points to read only memory. If not, a CWE warning is generated.