trailofbits.python.numpy-load-library.numpy-load-library
trailofbits
Loading custom operator libraries can result in arbitrary code execution
Definition
rules:
  - id: numpy-load-library
    message: Loading custom operator libraries can result in arbitrary code execution
    languages:
      - python
    severity: ERROR
    metadata:
      category: security
      cwe: "CWE-676: Use of Potentially Dangerous Function"
      subcategory:
        - audit
      confidence: MEDIUM
      likelihood: MEDIUM
      impact: HIGH
      technology:
        - numpy
      description: Potential arbitrary code execution from `NumPy` library loading
      references:
        - https://numpy.org/doc/stable/reference/routines.ctypeslib.html#numpy.ctypeslib.load_library
      license: AGPL-3.0 license
      vulnerability_class:
        - Dangerous Method or Function
    patterns:
      - pattern: numpy.ctypeslib.load_library(...)
      - pattern-not: numpy.ctypeslib.load_library("...", "...")
Examples
numpy-load-library.py
import numpy

path = "libname"
directory = "loader_path/"

# ok: numpy-load-library
numpy.ctypeslib.load_library(path, directory)

# ok: numpy-load-library
numpy.ctypeslib.as_ctypes(2)

# ok: numpy-load-library
numpy.ctypeslib.load_library("lib", "./loader")

# ruleid: numpy-load-library
numpy.ctypeslib.load_library("lib", input())

# ruleid: numpy-load-library
numpy.ctypeslib.load_library(input(), "./loader")

def test(param):
    # ruleid: numpy-load-library
    return numpy.ctypeslib.load_library(param, "./loader")
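The rule fires whenever either argument is not a string literal, because a caller-controlled library name or loader path lets `load_library` pull in an arbitrary shared object. The wrapper below is an added example (not part of the rule or of NumPy) of how code that must accept a library name at runtime can satisfy a reviewer: the name is checked against an allow-list of bare identifiers and the directory is pinned to a fixed base. `ALLOWED_LIBRARIES` and `LIBRARY_DIR` are constructed sample values.

```python
import os
import re

# Constructed allow-list of custom operator libraries this application may load.
ALLOWED_LIBRARIES = frozenset({"fastops", "customconv"})
# Fixed, application-controlled loader directory; never derived from input.
LIBRARY_DIR = os.path.abspath("./loader")

# A bare identifier: no separators, dots or traversal sequences can pass.
_NAME_RE = re.compile(r"[A-Za-z0-9_]{1,64}")


def validate_library_name(name):
    """Return name if it is a bare identifier on the allow-list, else raise."""
    if not isinstance(name, str) or _NAME_RE.fullmatch(name) is None:
        raise ValueError(f"invalid library name: {name!r}")
    if name not in ALLOWED_LIBRARIES:
        raise ValueError(f"library not allow-listed: {name!r}")
    return name


def library_path(name, directory=LIBRARY_DIR):
    """Resolve the loader directory and confirm it stays inside LIBRARY_DIR."""
    validate_library_name(name)
    base = os.path.realpath(LIBRARY_DIR)
    resolved = os.path.realpath(directory)
    if os.path.commonpath([base, resolved]) != base:
        raise ValueError(f"loader directory escapes {base}: {resolved}")
    return resolved


def rejects(name, directory=LIBRARY_DIR):
    """True if the (name, directory) request is refused by the checks above."""
    try:
        library_path(name, directory)
    except ValueError:
        return True
    return False


def load_operator_library(name):
    """Load an allow-listed library from the fixed directory.

    Semgrep still reports this call (the name is not a literal); that audit
    finding is the cue for a reviewer to confirm the validation above.
    """
    from numpy.ctypeslib import load_library  # deferred so checks run without numpy
    return load_library(name, library_path(name))
```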
Short Link: https://sg.run/NXkL