UNPKG

@specs-feup/clava

Version:

A C/C++ source-to-source compiler written in Typescript

github.com/specs-feup/clava

specs-feup/clava

24 lines (20 loc) 718 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
import { Call, Joinpoint } from "../../../Joinpoints.js"; import Checker from "../Checker.js"; import CheckResult from "../CheckResult.js"; /** * Check for the presence of chgrp functions */ export default class ChgrpChecker extends Checker { private advice = " This function uses paths to files, if an attacker can modify or move these files " + " he can redirect the execution flow or create a race condition. Consider using fchgrp() instead (CWE-362).\n\n"; constructor() { super("chgrp"); } check($node: Joinpoint): CheckResult | undefined { if (!($node instanceof Call) || $node.name !== "chgrp") { return; } return new CheckResult(this.name, $node, this.advice); } }