gitlab.flawfinder.CreateProcessAsUser-1.CreateProcessWithLogon-1

137
Download Count*
License

Especially watch out for embedded spaces.

Run Locally

Run in CI

Defintion

rules:
  - id: flawfinder.CreateProcessAsUser-1.CreateProcessWithLogon-1
    languages:
      - c
    message: |
      Especially watch out for embedded spaces.
    metadata:
      cwe: "CWE-78: This causes a new process to execute and is difficult to use
        safely (CWE-78)"
      primary_identifier: flawfinder.CreateProcessAsUser-1.CreateProcessWithLogon-1
      secondary_identifiers:
        - name: Flawfinder - CreateProcessAsUser
          type: flawfinder_func_name
          value: CreateProcessAsUser
        - name: Flawfinder - CreateProcessWithLogon
          type: flawfinder_func_name
          value: CreateProcessWithLogon
      license: MIT
    pattern-either:
      - pattern: CreateProcessAsUser(...)
      - pattern: CreateProcessWithLogon(...)
    severity: WARNING