-
-
Notifications
You must be signed in to change notification settings - Fork 81
Expand file tree
/
Copy pathinsecure-api-sprintf-vsprintf.yaml
More file actions
35 lines (35 loc) · 1.16 KB
/
insecure-api-sprintf-vsprintf.yaml
File metadata and controls
35 lines (35 loc) · 1.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
rules:
- id: raptor-insecure-api-sprintf-vsprintf
metadata:
author: Marco Ivaldi <[email protected]>
category: security
subcategory: vuln
vulnerability_class: Dangerous Method or Function
likelihood: HIGH
impact: HIGH
confidence: HIGH
technology:
- c
- cpp
cwe:
- "CWE-676: Use of Potentially Dangerous Function"
- "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
- "CWE-787: Out-of-bounds Write"
references:
- https://g.co/kgs/PCHQjJ
message: >-
A buffer overflow condition exists when a program attempts to put
more data in a buffer than it can hold, or when a program attempts to
put data in a memory area outside of the boundaries of a buffer.
severity: ERROR
languages:
- c
- cpp
patterns:
- pattern-either:
- pattern: sprintf($_, $FMT, ...)
- pattern: vsprintf($_, $FMT, ...)
- metavariable-regex:
metavariable: $FMT
# NOTE: some format string specifiers are not handled
regex: '(".*%l?s.*"|".*%S.*"|[a-zA-Z_][a-zA-Z0-9_]*)'