gitlab.flawfinder.chgrp-1

137

Download Count*

MIT

License

Use fchgrp( ) instead.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: flawfinder.chgrp-1
    languages:
      - c
    message: |
      Use fchgrp( ) instead.
    metadata:
      cwe: "CWE-362: This accepts filename arguments; if an attacker can move those
        files, a race condition results. (CWE-362)"
      primary_identifier: flawfinder.chgrp-1
      secondary_identifiers:
        - name: Flawfinder - chgrp
          type: flawfinder_func_name
          value: chgrp
      license: MIT
    pattern: chgrp(...)
    severity: ERROR

Short Link: https://sg.run/nknG