Module cwe_checker_lib::checkers::cwe_560
source · Expand description
This module implements a check for CWE-560: Use of umask() with chmod-style Argument.
The program uses the system call umask(2) with arguments for chmod(2). For instance, instead of a reasonable value like 0022 a value like 0666 is passed. This may result in wrong read and/or write access to files and directories, which could be utilized to bypass protection mechanisms.
See https://cwe.mitre.org/data/definitions/560.html for a detailed description.
How the check works
This check looks for umask calls and checks if they have a reasonable value, i.e. smaller than a certain value, currently set to 0o777 and greater than a reasonable value for umask, currently set to 0o177.
False Positives
- A value deemed unreasonable by the check could theoretically be intended by the programmer. But these cases should be very rare in real programs, so be sure to double check them!
False Negatives
- If the input to umask is not defined in the basic block before the call, the check will not see it. However, a log message will be generated whenever the check is unable to determine the parameter value of umask.
Statics
- The module name and version
- An upper bound for the value of a chmod-style argument.
- An upper bound for the value of a presumably correct umask argument.
Functions
- Execute the CWE check.