gitlab.flawfinder.execl-1.execlp-1.execle-1.execv-1.execvp-1.popen-1.WinExec-1.ShellExecute-1
These calls cause a new program to execute and are difficult to use safely (CWE-78); try using a library call that implements the same functionality if available.
Definition
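# Semgrep port of the flawfinder check for C calls that start a new program
# (the exec* family, popen, WinExec, ShellExecute). Findings map to CWE-78.
rules:
  - id: flawfinder.execl-1.execlp-1.execle-1.execv-1.execvp-1.popen-1.WinExec-1.ShellExecute-1
    languages:
      - c
    # The message is the only text shown with a finding, so it states the risk
    # before the advice. The risk sentence is the same one carried in
    # metadata.cwe below.
    message: >
      This causes a new program to execute and is difficult to use safely
      (CWE-78). Try using a library call that implements the same
      functionality if available.
    metadata:
      # NOTE(review): the text after the id reads like the flawfinder warning,
      # not the CWE title ("Improper Neutralization of Special Elements used
      # in an OS Command ('OS Command Injection')"). Value left unchanged in
      # case a consumer matches on it.
      cwe: "CWE-78: This causes a new program to execute and is difficult to use
        safely (CWE-78)"
      primary_identifier: flawfinder.execl-1.execlp-1.execle-1.execv-1.execvp-1.popen-1.WinExec-1.ShellExecute-1
      # One identifier per flagged function name.
      secondary_identifiers:
        - name: Flawfinder - execl
          type: flawfinder_func_name
          value: execl
        - name: Flawfinder - execlp
          type: flawfinder_func_name
          value: execlp
        - name: Flawfinder - execle
          type: flawfinder_func_name
          value: execle
        - name: Flawfinder - execv
          type: flawfinder_func_name
          value: execv
        - name: Flawfinder - execvp
          type: flawfinder_func_name
          value: execvp
        - name: Flawfinder - popen
          type: flawfinder_func_name
          value: popen
        - name: Flawfinder - WinExec
          type: flawfinder_func_name
          value: WinExec
        - name: Flawfinder - ShellExecute
          type: flawfinder_func_name
          value: ShellExecute
      license: MIT
    # Each pattern matches ANY call to the named function: `...` accepts every
    # argument list, and there is no data-flow condition. A finding therefore
    # marks a call site to review, not a confirmed injection. When triaging,
    # check whether the program path, argument vector or environment can be
    # influenced by untrusted input. popen() hands its command string to the
    # shell, and execlp()/execvp() resolve the program through PATH.
    # NOTE(review): matching is by exact function name, so execve/execvpe and
    # explicit ShellExecuteA/ShellExecuteW/ShellExecuteEx calls are not
    # reported by this rule. Confirm they are covered by a sibling rule.
    pattern-either:
      - pattern: execl(...)
      - pattern: execlp(...)
      - pattern: execle(...)
      - pattern: execv(...)
      - pattern: execvp(...)
      - pattern: popen(...)
      - pattern: WinExec(...)
      - pattern: ShellExecute(...)
    # Reported at ERROR for every match, including calls with constant
    # arguments. Expect to triage or baseline existing call sites.
    severity: ERROR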
Short Link: https://sg.run/4P6g