UNPKG

@specs-feup/clava

Version:

A C/C++ source-to-source compiler written in Typescript

github.com/specs-feup/clava

specs-feup/clava

27 lines (23 loc) 795 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
import { Call, Joinpoint } from "../../../Joinpoints.js"; import Checker from "../Checker.js"; import CheckResult from "../CheckResult.js"; /** * Check for the presence of exec family functions */ export default class ExecChecker extends Checker { private advice = " This function executes another program used as parameter and can allow an attacker to execute his own code. " + "Be extremely cautious when using this function and check inputs for a better security (CWE-78).\n\n"; constructor() { super("exec"); } check($node: Joinpoint): CheckResult | undefined { if ( !($node instanceof Call) || !$node.name.match(/execl|execlp|execle|execv|execvp|execvpe/) ) { return; } return new CheckResult(this.name, $node, this.advice); } }