gitlab.flawfinder.mkstemp-1

137

Download Count*

License

Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: flawfinder.mkstemp-1
    languages:
      - c
    message: >
      Some older Unix-like systems create temp files with permission to write by

      all by default, so be sure to set the umask to override this. Also, some older

      Unix systems might fail to use O_EXCL when opening the file, so make sure that

      O_EXCL is used by the library.
    metadata:
      cwe: "CWE-377: Potential for temporary file vulnerability in some
        circumstances."
      primary_identifier: flawfinder.mkstemp-1
      secondary_identifiers:
        - name: Flawfinder - mkstemp
          type: flawfinder_func_name
          value: mkstemp
      license: MIT
    pattern: mkstemp(...)
    severity: INFO

Short Link: https://sg.run/5Jo6