gitlab.flawfinder.RpcImpersonateClient-1.ImpersonateLoggedOnUser-1.CoImpersonateClient-1.ImpersonateNamedPipeClient-1.ImpersonateDdeClientWindow-1.ImpersonateSecurityContext-1.SetThreadToken-1
Make sure the return value is checked, and do not continue if a failure is reported.
Definition
rules:
- id: flawfinder.RpcImpersonateClient-1.ImpersonateLoggedOnUser-1.CoImpersonateClient-1.ImpersonateNamedPipeClient-1.ImpersonateDdeClientWindow-1.ImpersonateSecurityContext-1.SetThreadToken-1
  languages:
  - c
  message: >
    Make sure the return value is checked, and do not continue if a failure is
    reported.
  metadata:
    cwe: "CWE-250: If this call fails, the program could fail to drop heightened
      privileges (CWE-250)"
    primary_identifier: flawfinder.RpcImpersonateClient-1.ImpersonateLoggedOnUser-1.CoImpersonateClient-1.ImpersonateNamedPipeClient-1.ImpersonateDdeClientWindow-1.ImpersonateSecurityContext-1.SetThreadToken-1
    secondary_identifiers:
    - name: Flawfinder - RpcImpersonateClient
      type: flawfinder_func_name
      value: RpcImpersonateClient
    - name: Flawfinder - ImpersonateLoggedOnUser
      type: flawfinder_func_name
      value: ImpersonateLoggedOnUser
    - name: Flawfinder - CoImpersonateClient
      type: flawfinder_func_name
      value: CoImpersonateClient
    - name: Flawfinder - ImpersonateNamedPipeClient
      type: flawfinder_func_name
      value: ImpersonateNamedPipeClient
    - name: Flawfinder - ImpersonateDdeClientWindow
      type: flawfinder_func_name
      value: ImpersonateDdeClientWindow
    - name: Flawfinder - ImpersonateSecurityContext
      type: flawfinder_func_name
      value: ImpersonateSecurityContext
    - name: Flawfinder - SetThreadToken
      type: flawfinder_func_name
      value: SetThreadToken
    license: MIT
  pattern-either:
  - pattern: RpcImpersonateClient(...)
  - pattern: ImpersonateLoggedOnUser(...)
  - pattern: CoImpersonateClient(...)
  - pattern: ImpersonateNamedPipeClient(...)
  - pattern: ImpersonateDdeClientWindow(...)
  - pattern: ImpersonateSecurityContext(...)
  - pattern: SetThreadToken(...)
  severity: ERROR
Short Link: https://sg.run/rk96