mirror of
https://github.com/github/codeql.git
synced 2026-03-16 04:26:47 +01:00
35 lines
866 B
XML
35 lines
866 B
XML
<!DOCTYPE qhelp PUBLIC
|
|
"-//Semmle//qhelp//EN"
|
|
"qhelp.dtd">
|
|
<qhelp>
|
|
<overview>
|
|
<p>The code passes user input directly
|
|
to <code>system</code>, <code>dlopen</code>, <code>LoadLibrary</code>
|
|
or some other process or library routine. As a result, the user can
|
|
cause execution of arbitrary code.</p>
|
|
|
|
</overview>
|
|
<recommendation>
|
|
|
|
<p>If possible, use hard-coded string literals for the command to run
|
|
or library to load. Instead of passing the user input directly to the
|
|
process or library function, examine the user input and then choose
|
|
among hard-coded string literals.</p>
|
|
|
|
<p>If the applicable libraries or commands cannot be determined at
|
|
compile time, then add code to verify that the user-input string is
|
|
safe before using it.</p>
|
|
|
|
</recommendation>
|
|
<example>
|
|
<sample src="UncontrolledProcessOperation.c" />
|
|
|
|
</example>
|
|
<references>
|
|
|
|
|
|
|
|
|
|
</references>
|
|
</qhelp>
|