gitlab.flawfinder.tmpfile-1

137

Download Count*

MIT

License

Creating and using insecure temporary files can leave application and system data vulnerable to attack

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: flawfinder.tmpfile-1
    languages:
      - c
    message: >
      Creating and using insecure temporary files can leave application and
      system data vulnerable to

      attack
    metadata:
      cwe: "CWE-377: Function tmpfile() has a security flaw on some systems (e.g.,
        older System V systems) (CWE-377)"
      primary_identifier: flawfinder.tmpfile-1
      secondary_identifiers:
        - name: Flawfinder - tmpfile
          type: flawfinder_func_name
          value: tmpfile
      license: MIT
    pattern: tmpfile(...)
    severity: INFO

Short Link: https://sg.run/RPqE