Module cwe_checker_lib::checkers
source · Expand description
The implemented CWE checks. See their module descriptions for detailed information about each check.
Currently the Memory check is not contained in this module
but directly incorporated into the pointer_inference
module.
See there for detailed information about this check.
Modules
- This module implements a check for CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’).
- This module implements a check for CWE-119: Buffer Overflow and its variants CWE-125: Out-of-bounds Read and CWE-787: Out-of-bounds Write.
- This module implements a check for CWE-134: Use of Externally-Controlled Format String.
- This module implements a check for CWE-190: Integer overflow or wraparound.
- This module implements a check for CWE-215: Information Exposure Through Debug Information.
- This module implements a check for CWE-243: Creation of chroot Jail Without Changing Working Directory.
- CWE-252: Unchecked Return Value.
- This module implements a check for CWE-332: Insufficient Entropy in PRNG.
- This module implements a check for CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)
- This module implements a check for CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition.
- This module implements a check for CWE-415: Double Free and CWE-416: Use After Free.
- This module implements a check for CWE-426: Untrusted Search Path.
- This module implements a check for CWE-467: Use of sizeof() on a Pointer Type.
- This module implements a check for CWE-476: NULL Pointer Dereference.
- This module implements a check for CWE-560: Use of umask() with chmod-style Argument.
- This module implements a check for CWE-676: Use of Potentially Dangerous Function.
- This module implements a check for CWE-782: Exposed IOCTL with Insufficient Access Control.
- This module implements a check for CWE-789: Memory Allocation with Excessive Size Value.
Constants
- Checkers that are supported for Linux kernel modules.