|
| 1 | +--- |
| 2 | +description: Enforces security best practices for C applications to prevent common vulnerabilities during code generation. |
| 3 | +globs: "**/*.c, **/*.h" |
| 4 | +alwaysApply: false |
| 5 | +--- |
| 6 | + |
| 7 | +- As a security-aware developer, generate secure C code using any that inherently prevents top security weaknesses. |
| 8 | +- Focus on making the implementation inherently safe rather than merely renaming methods with "secure_" prefixes. |
| 9 | +- Use inline comments to clearly highlight critical security controls, implemented measures, and any security assumptions made in the code. |
| 10 | +- Adhere strictly to best practices from OWASP, with particular consideration for the OWASP ASVS guidelines. |
| 11 | +- **Avoid Slopsquatting**: Be careful when referencing or importing packages. Do not guess if a package exists. Comment on any low reputation or uncommon packages you have included. |
| 12 | + |
| 13 | +### CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer |
| 14 | +**Summary:** This CWE describes vulnerabilities where a program performs operations on a memory buffer beyond its allocated boundaries, leading to data corruption or crashes. |
| 15 | +**Mitigation Rule:** Always perform strict bounds checking on all array and buffer accesses, especially when handling external input; use safe string functions like `strncpy`, `strncat`, `snprintf`, and `memcpy_s` (from C11 Annex K) or equivalent secure libraries like `libsodium`'s `sodium_memcmp` ensuring the destination buffer size is always provided and respected to prevent buffer overflows. |
| 16 | + |
| 17 | +### CWE-416: Use After Free |
| 18 | +**Summary:** This vulnerability occurs when a program attempts to access memory after it has been freed, leading to crashes, unpredictable behavior, or arbitrary code execution. |
| 19 | +**Mitigation Rule:** After `free()`ing memory, immediately set the pointer to `NULL` to prevent dangling pointers and subsequent use-after-free vulnerabilities; design memory management to ensure no active pointers exist to deallocated memory regions. |
| 20 | + |
| 21 | +### CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') |
| 22 | +**Summary:** This CWE occurs when an application constructs an OS command using unsanitized user input, allowing attackers to execute arbitrary system commands. |
| 23 | +**Mitigation Rule:** Never construct OS commands directly from untrusted input; instead, use parameterized APIs like `execlp`, `execvp`, or `system` with extreme caution and *only* with fixed, trusted commands, passing arguments separately and meticulously sanitizing all input to prevent command injection. |
| 24 | + |
| 25 | +### CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| 26 | +**Summary:** This vulnerability allows attackers to access files and directories outside of the intended scope by manipulating pathnames with sequences like "../". |
| 27 | +**Mitigation Rule:** Validate and sanitize all file paths received from untrusted sources, resolving canonical paths using `realpath()` and strictly verifying that the resolved path is within an allowed base directory before any file system operations. |
| 28 | + |
| 29 | +### CWE-798: Use of Hard-coded Credentials |
| 30 | +**Summary:** This CWE involves embedding sensitive information like passwords, API keys, or cryptographic keys directly into the source code, making them easily discoverable and exploitable. |
| 31 | +**Mitigation Rule:** Never hardcode secrets, credentials, or cryptographic keys in the source code; instead, retrieve them from secure, external configuration sources like environment variables, secure configuration files, or dedicated secret management services at runtime. |
| 32 | + |
| 33 | +### CWE-190: Integer Overflow or Wraparound |
| 34 | +**Summary:** This CWE occurs when an integer operation produces a result that is too large to store in the allocated memory, causing it to wrap around and potentially lead to buffer overflows or incorrect logic. |
| 35 | +**Mitigation Rule:** Before performing arithmetic operations with potentially untrusted integer inputs, always check for potential integer overflows or underflows, using bounds checks and employing safe integer arithmetic libraries or explicit checks for minimum/maximum values, especially before memory allocations or buffer accesses. |
| 36 | + |
| 37 | +### CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') |
| 38 | +**Summary:** This CWE describes vulnerabilities that arise when multiple threads or processes access shared resources concurrently without proper synchronization, leading to unpredictable outcomes. |
| 39 | +**Mitigation Rule:** Protect all access to shared resources with appropriate synchronization primitives such as mutexes (`pthread_mutex_t`), semaphores, or condition variables to ensure atomicity and prevent race conditions; design code to minimize shared state and prefer immutable data structures where possible. |
0 commit comments