trailofbits.python.tensorflow-load-library.tensorflow-load-library
trailofbits
Loading custom operator libraries can result in arbitrary code execution
Definition
rules:
  - id: tensorflow-load-library
    message: Loading custom operator libraries can result in arbitrary code execution
    languages:
      - python
    severity: ERROR
    metadata:
      category: security
      cwe: "CWE-676: Use of Potentially Dangerous Function"
      subcategory:
        - audit
      confidence: MEDIUM
      likelihood: MEDIUM
      impact: HIGH
      technology:
        - tensorflow
      description: Potential arbitrary code execution from `TensorFlow` library loading
      references:
        - https://www.tensorflow.org/api_docs/python/tf/load_library
        - https://www.tensorflow.org/api_docs/python/tf/load_op_library
      license: AGPL-3.0 license
      vulnerability_class:
        - Dangerous Method or Function
    patterns:
      - pattern-either:
          - pattern: tensorflow.load_library(...)
          - pattern: tensorflow.load_op_library(...)
      - pattern-not: tensorflow.load_library("...")
      - pattern-not: tensorflow.load_op_library("...")
Examples
tensorflow-load-library.py
import tensorflow

path = "somelib.so"

# ok: tensorflow-load-library
tensorflow.load_library(path)

# ruleid: tensorflow-load-library
tensorflow.load_library(input())

# ok: tensorflow-load-library
tensorflow.load_op_library(path)

# ruleid: tensorflow-load-library
tensorflow.load_op_library(input())


def test(p):
    # ruleid: tensorflow-load-library
    return tensorflow.load_library(p)


def test2(p):
    # ruleid: tensorflow-load-library
    return tensorflow.load_library(p + ".so")


def test3(p):
    # ruleid: tensorflow-load-library
    return tensorflow.load_op_library(p)


def test4(p):
    # ruleid: tensorflow-load-library
    return tensorflow.load_op_library(p + ".so")
Short Link: https://sg.run/xp0j