gitlab.flawfinder.execl-1.execlp-1.execle-1.execv-1.execvp-1.popen-1.WinExec-1.ShellExecute-1


try using a library call that implements the same functionality if available.


Definition

# Semgrep rule that reports every call to one of eight process-launching
# functions in C code, filed under CWE-78 (OS command injection). The rule id
# and identifiers name Flawfinder as the origin of the check.
# A match means "a new program is started here", not "this call is
# exploitable": the `(...)` patterns accept any argument list, so calls with
# constant arguments are reported alongside calls built from external input.
rules:
  - id: flawfinder.execl-1.execlp-1.execle-1.execv-1.execvp-1.popen-1.WinExec-1.ShellExecute-1
    # Only C is listed; C++ is not covered by this rule.
    languages:
      - c
    # Text shown on each finding. It states only the remediation; the reason
    # for the finding is carried in metadata.cwe below.
    message: >
      try using a library call that implements the same functionality if
      available.
    metadata:
      # Double-quoted scalar continued on the next line: YAML folds the line
      # break into a single space, so the value is one line of text.
      cwe: "CWE-78: This causes a new program to execute and is difficult to use
        safely (CWE-78)"
      # NOTE(review): presumably the key GitLab uses to track this finding
      # across scans - confirm before renaming the rule id.
      primary_identifier: flawfinder.execl-1.execlp-1.execle-1.execv-1.execvp-1.popen-1.WinExec-1.ShellExecute-1
      # One entry per function; each `value` repeats a function name that
      # also appears in the patterns below.
      secondary_identifiers:
        - name: Flawfinder - execl
          type: flawfinder_func_name
          value: execl
        - name: Flawfinder - execlp
          type: flawfinder_func_name
          value: execlp
        - name: Flawfinder - execle
          type: flawfinder_func_name
          value: execle
        - name: Flawfinder - execv
          type: flawfinder_func_name
          value: execv
        - name: Flawfinder - execvp
          type: flawfinder_func_name
          value: execvp
        - name: Flawfinder - popen
          type: flawfinder_func_name
          value: popen
        - name: Flawfinder - WinExec
          type: flawfinder_func_name
          value: WinExec
        - name: Flawfinder - ShellExecute
          type: flawfinder_func_name
          value: ShellExecute
      license: MIT
    # Matches a call to any one of these names, with any arguments. Only the
    # exact names listed are matched; other process-launching calls (for
    # example `system` or `execve`) are outside this rule and need their own
    # coverage.
    # NOTE(review): code that calls `ShellExecuteA` / `ShellExecuteW` directly
    # is presumably not matched either - confirm.
    # Triage notes for a finding:
    #   - popen passes its command string to the shell, so any externally
    #     influenced part of that string can change what is run.
    #   - execlp and execvp look the program up via PATH when the name has
    #     no slash; review where both the name and PATH come from.
    #   - execl, execle and execv take a path and an argument list without a
    #     shell; check that the path is fixed and that the arguments (and,
    #     for execle, the environment) are validated.
    #   - WinExec and ShellExecute receive the program and its parameters as
    #     strings; review how those strings are assembled and quoted.
    pattern-either:
      - pattern: execl(...)
      - pattern: execlp(...)
      - pattern: execle(...)
      - pattern: execv(...)
      - pattern: execvp(...)
      - pattern: popen(...)
      - pattern: WinExec(...)
      - pattern: ShellExecute(...)
    # Every match is reported at ERROR, whichever function and arguments are
    # involved; severity does not reflect whether input is attacker-controlled.
    severity: ERROR