rspec/rules/S5847/cfamily/rule.adoc
Jamie Anderson 9ee16daa47
Modify rules: Add STIG AS&D 2023-06-08 mappings (#3914)
* Update JSON schema to include STIG ASD 2023-06-08 mapping

* Update rules to add STIG metadata mappings

---------

Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com>
2024-05-06 08:56:31 +02:00


include::../common/description.adoc[]
== Why is this an issue?
include::../common/rationale.adoc[]
=== What is the potential impact?
include::../common/impact/rationale.adoc[]
include::../common/impact/code_execution.adoc[]
include::../common/impact/privilege_escalation.adoc[]
include::../common/impact/dos.adoc[]
== How to fix it
include::../common/how-to-fix/rationale.adoc[]
=== Code examples
==== Noncompliant code example
The following code sample is susceptible to a race condition attack because it
checks whether a file exists and only then, in a separate step, opens it for
writing.
[source,cpp,diff-id=1,diff-type=noncompliant]
----
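#include <cerrno>
#include <cstdio>
#include <unistd.h>

FILE *fopen_if_not_exists(const char *file) {
  // Check and open are two separate steps; the file system can change in between.
  if (access(file, F_OK) == -1 && errno == ENOENT) {
    FILE *f = fopen(file, "w"); // Noncompliant
    return f;
  }
  return nullptr;
}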
----
==== Compliant solution
[source,cpp,diff-id=1,diff-type=compliant]
----
#include <cstdio>

FILE *fopen_if_not_exists(const char *file) {
  // "x" (C11/C++17 exclusive mode): fopen fails if the file already exists.
  FILE *f = fopen(file, "wx");
  return f;
}
----
=== How does this work?
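Here, the compliant code example uses a single atomic operation that both
checks that the file does not already exist and opens it. The `x` in the `"wx"`
mode makes `fopen` fail if the file exists, so there is no gap between the
check and the open.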
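
As an added example (not part of this rule's own code samples), the same guarantee is available below `fopen` on POSIX systems through `open` with `O_CREAT | O_EXCL`; this goes slightly beyond the case above by also covering a dangling symbolic link. The names `create_exclusive` and `run_demo` and the temporary paths are assumptions made for the illustration.

```cpp
#include <cerrno>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <fcntl.h>
#include <unistd.h>

// Hypothetical helper: create `path` only if no entry of that name exists.
// With O_CREAT | O_EXCL the kernel does the existence check and the creation
// as one step and fails with EEXIST otherwise, also when `path` is a symbolic
// link, even a dangling one. Mode 0600 keeps the new file owner-only.
FILE *create_exclusive(const char *path) {
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, 0600);
    if (fd == -1) return nullptr;            // errno set by open()
    FILE *f = fdopen(fd, "w");
    if (f == nullptr) close(fd);             // do not leak the descriptor
    return f;
}

// Constructed scenario in a private temporary directory.
// Returns 0 when every step behaves as described, else the failing step.
int run_demo() {
    char dir[] = "/tmp/s5847-demo-XXXXXX";   // constructed path template
    if (mkdtemp(dir) == nullptr) return 1;
    const std::string file = std::string(dir) + "/report.txt";
    const std::string link = std::string(dir) + "/link.txt";
    int rc = 0;

    FILE *first = create_exclusive(file.c_str());    // new name: succeeds
    if (first == nullptr) rc = 2; else fclose(first);

    errno = 0;
    FILE *second = create_exclusive(file.c_str());   // existing file: EEXIST
    if (rc == 0 && (second != nullptr || errno != EEXIST)) rc = 3;
    if (second != nullptr) fclose(second);

    // Dangling link: access() follows it and reports ENOENT, so a separate
    // existence check would pass, while exclusive creation still refuses.
    if (symlink("missing-target", link.c_str()) != 0 && rc == 0) rc = 4;
    errno = 0;
    bool check_passes = access(link.c_str(), F_OK) == -1 && errno == ENOENT;
    errno = 0;
    FILE *third = create_exclusive(link.c_str());
    if (rc == 0 && (!check_passes || third != nullptr || errno != EEXIST)) rc = 5;
    if (third != nullptr) fclose(third);

    unlink(link.c_str()); unlink(file.c_str()); rmdir(dir);
    return rc;
}
```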
== Resources
=== Documentation
* Carnegie Mellon University Software Engineering Institute - https://wiki.sei.cmu.edu/confluence/display/c/FIO45-C.+Avoid+TOCTOU+race+conditions+while+accessing+files[FIO45-C. - Avoid TOCTOU race conditions while accessing files]
=== Standards
* OWASP - https://owasp.org/Top10/A01_2021-Broken_Access_Control/[Top 10 2021 Category A1 - Broken Access Control]
* OWASP - https://owasp.org/www-project-top-ten/2017/A5_2017-Broken_Access_Control[Top 10 2017 Category A5 - Broken Access Control]
* CWE - https://cwe.mitre.org/data/definitions/367[CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition]
* STIG Viewer - https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222567[Application Security and Development: V-222567] - The application must not be vulnerable to race conditions.
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]