Function cwe_checker_lib::checkers::cwe_560::check_cwe
pub fn check_cwe(
    analysis_results: &AnalysisResults<'_>,
    _cwe_params: &Value
) -> (Vec<LogMessage>, Vec<CweWarning>)
Execute the CWE check.
For each call to umask we check whether the parameter value is a chmod-style parameter. If yes, generate a CWE warning. If the parameter value cannot be determined, generate a log message.
Only the basic block right before the umask call is evaluated when trying to determine the parameter value of umask.
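The following added sketch models the three outcomes described above (warning, no warning, log message) and the single-basic-block limitation. It is not cwe_checker's code: the mini-IR `Instr`, the `Finding` type, the functions `resolve` and `check_umask_call`, and the bounds 0o177 and 0o777 are assumptions made for illustration.

```rust
// Added sketch: a toy model of the check, not cwe_checker's implementation.
// Assumed bounds: 0o200..=0o777 looks like a chmod mode rather than a mask.
const MAX_PLAUSIBLE_UMASK: u64 = 0o177;
const MAX_CHMOD_MODE: u64 = 0o777;

/// Hypothetical mini-IR; a basic block is a slice of these.
#[derive(Debug, Clone, PartialEq)]
pub enum Instr {
    SetConst { reg: &'static str, value: u64 },
    Copy { dst: &'static str, src: &'static str },
    Clobber { reg: &'static str }, // value not statically known
}

#[derive(Debug, PartialEq)]
pub enum Finding {
    CweWarning(u64), // chmod-style argument passed to umask
    NoWarning(u64),  // value resolved and not flagged
    LogMessage,      // value could not be determined
}

/// Walk the block backwards from the call, following register copies.
fn resolve(block: &[Instr], start: &str) -> Option<u64> {
    let mut wanted = start;
    for instr in block.iter().rev() {
        match instr {
            Instr::SetConst { reg, value } if *reg == wanted => return Some(*value),
            Instr::Copy { dst, src } if *dst == wanted => wanted = *src,
            Instr::Clobber { reg } if *reg == wanted => return None,
            _ => {}
        }
    }
    None // defined in an earlier block, which this check does not look at
}

/// `block` is the basic block ending in the umask call; `arg_reg` holds its argument.
pub fn check_umask_call(block: &[Instr], arg_reg: &str) -> Finding {
    match resolve(block, arg_reg) {
        Some(v) if v > MAX_PLAUSIBLE_UMASK && v <= MAX_CHMOD_MODE => Finding::CweWarning(v),
        Some(v) => Finding::NoWarning(v),
        None => Finding::LogMessage,
    }
}

fn main() {
    // Constructed block: the argument register is set to 0o666 right before the call.
    let block = [Instr::SetConst { reg: "edi", value: 0o666 }];
    println!("{:?}", check_umask_call(&block, "edi"));
}
```

An argument set in a preceding block resolves to `LogMessage` in this model, which mirrors why an undetermined value yields a log message rather than a warning.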