rust.lang.security.args-os.args-os

Author
unknown
args_os should not be used for security operations. From the docs: "The first element is traditionally the path of the executable, but it can be set to arbitrary text, and might not even exist. This means this property should not be relied upon for security purposes."
Definition
rules:
- id: args-os
  message: 'args_os should not be used for security operations. From the docs:
    "The first element is traditionally the path of the executable, but it can
    be set to arbitrary text, and might not even exist. This means this
    property should not be relied upon for security purposes."'
  pattern: std::env::args_os()
  metadata:
    references:
    - https://doc.rust-lang.org/stable/std/env/fn.args_os.html
    technology:
    - rust
    category: security
    cwe: "CWE-807: Reliance on Untrusted Inputs in a Security Decision"
    confidence: HIGH
    likelihood: LOW
    impact: LOW
    subcategory: audit
    license: Commons Clause License Condition v1.0[LGPL-2.1-only]
  languages:
  - rust
  severity: INFO
Examples
args-os.rs
use std::env;

fn main() {
    // ruleid: args-os
    let args = env::args_os();
}
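
What a reviewer triaging a hit from this rule is looking for, as an added example that is not part of the rule or its test file: a decision keyed on the first element of `args_os()`, next to a form that uses that element only as a label. The name `backup-admin`, the function names and the uid values are assumptions made for the illustration.

```rust
use std::env;
use std::ffi::{OsStr, OsString};
use std::path::Path;

// Hypothetical program name, used only in this illustration.
const ADMIN_NAME: &str = "backup-admin";

/// Weak: a privilege decision keyed on argv[0]. The process that launches
/// the program chooses this value, so it proves nothing about the caller.
fn admin_by_invoked_name(argv: &[OsString]) -> bool {
    argv.first()
        .and_then(|a0| Path::new(a0).file_name())
        .map_or(false, |name| name == OsStr::new(ADMIN_NAME))
}

/// Corrected: argv[0] is reduced to a cosmetic label for messages, with a
/// fallback when it is missing; only the operands are returned as input.
fn split_argv(argv: &[OsString]) -> (String, &[OsString]) {
    let label = argv
        .first()
        .and_then(|a0| Path::new(a0).file_name())
        .map(|n| n.to_string_lossy().into_owned())
        .unwrap_or_else(|| "<unknown>".to_string());
    (label, argv.get(1..).unwrap_or(&[]))
}

/// Corrected: the decision depends on an identity reported by the OS
/// (assumed to be obtained by the caller, e.g. the effective uid), not argv.
fn admin_allowed(euid: u32, admin_uids: &[u32]) -> bool {
    admin_uids.contains(&euid)
}

fn main() {
    let argv: Vec<OsString> = env::args_os().collect();
    let (label, operands) = split_argv(&argv);
    println!("{}: {} operand(s)", label, operands.len());
    println!("argv[0]-based check: {}", admin_by_invoked_name(&argv));
    // Constructed values: uid 1000 is not in the allow-list [0].
    println!("uid-based check: {}", admin_allowed(1000, &[0]));
}
```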
Short Link: https://sg.run/G6k6