/**
* @id c/cert/do-not-call-system
* @name ENV33-C: Do not call 'system'
* @description The 'system' function hands its argument to an implementation-defined command processor, so attacker-influenced arguments or environment (e.g. PATH) may result in exploitable vulnerabilities such as command injection.
* @kind problem
* @precision very-high
* @problem.severity error
* @tags external/cert/id/env33-c
* security
* external/cert/obligation/rule
* external/cert/priority/p12
* external/cert/level/l1
*/
import cpp
import codingstandards.c.cert
import semmle.code.cpp.security.CommandExecution
/**
 * Holds if `call` is `system(0)`, the ENV33-C exception used to test whether a
 * command processor is available.
 *
 * Only a literal `0` argument is recognised (a `NULL` macro expanding to `0` or
 * `((void *)0)` is expected to surface as a `Literal` with value "0" once
 * conversions are stripped — confirm against the database). A null pointer passed
 * through a variable or a non-literal expression is NOT recognised, so such a call
 * is still reported; this is the conservative direction for a security query.
 */
predicate isCommandProcessorProbe(FunctionCall call) {
  call.getTarget().getName() = "system" and
  call.getAnArgument().(Literal).getValue() = "0"
}

// Report every call to a command-execution function (`SystemFunction`, from the
// CommandExecution library) unless it is deviated/excluded by the coding-standards
// framework or is the permitted `system(NULL)` presence check.
from FunctionCall call, SystemFunction target
where
  not isExcluded(call, BannedPackage::doNotCallSystemQuery()) and
  target = call.getTarget() and
  // Only the `system` name gets the NULL exception; other members of
  // `SystemFunction` (e.g. popen-style functions, if present) are always reported.
  not isCommandProcessorProbe(call)
select call, "Call to banned function $@.", target, target.getName()