Q
Detector Library
C detectors (34/34)
Logging of sensitive informationInsecure Use Of ChrootDeadlock And Lock InconsistencyUnsafe File ExtensionOS command injectionIncorrect Use Of FreeUse Of Uninitialized VariableInsecure Use strcat fnSQL injectionBitwise Operator On Signed OperandInsecure use gets fnRandom fd exhaustionRedundant Free UsageInsecure Use MemsetDivide By Zero.Return Stack AddressUnchecked Return ValueIncorrect Format SpecifierUnhandled Expression ResultPath traversalImproper Input ValidationOut Of Bounds ReadInteger OverflowInsecure use strtok functionImproper size of a memory bufferincomplete-cleanupNull pointer dereferenceInsecure Temporary File Or DirectoryInsecure Buffer AccessIncorrect Use Ato FnLoose File PermissionsExposure of Sensitive InformationOut-of-bounds WriteString Equality
High
Showing all detectors for the C language with high severity.
Logging of sensitive information
Sensitive information has been logged in your code which may leads to sensitive information leak.
Insecure Use Of Chroot
Improper use of
chroot function may allow attackers to escape the chroot jail due to relative paths still referencing resources outside the intended jail after chroot function is called.Deadlock And Lock Inconsistency
This code contains a potential deadlock and violates lock consistency due to incorrect lock ordering or nested locking.
OS command injection
Constructing operating system or shell commands with unsanitized user input can lead to inadvertently running malicious code.
Use Of Uninitialized Variable
The code uses a variable that has not been initialized, leading to unpredictable or unintended results.
Insecure Use strcat fn
strcat or strncat can lead to buffer overflow vulnerabilities.
SQL injection
The use of untrusted inputs in a SQL database query can enable attackers to read, modify, or delete sensitive data in the database.
Bitwise Operator On Signed Operand
Bitwise operator applied on signed operand.
Insecure use gets fn
gets can lead to buffer overflow vulnerabilities.
Random fd exhaustion
Failure to limit and close open file descriptors allows uncontrolled resource consumption which can crash programs or degrade system performance.
Redundant Free Usage
Calling free method twice can be vulnerable to memory location.
Insecure Use Memset
Calling memset method can leave sensitive information behind.
Divide By Zero.
Software flaws related to dividing by zero.
Return Stack Address
A function returns the address of a stack variable will cause unintended program behavior, typically in the form of a crash.
Unchecked Return Value
Check the return value from a method or function.
Incorrect Format Specifier
This code contains a potential format vulnerability due to the use of function without specifying correct format specifier.
Unhandled Expression Result
Encourage Purposeful Operator Usage in Codebase.
Path traversal
Creating file paths from untrusted input might give a malicious actor access to sensitive files.
Improper Input Validation
Improper input validation can enable attacks and lead to unwanted behavior.
Out Of Bounds Read
Out of bounds read can allow attackers to read sensitive information from other memory locations or cause a crash.
Integer Overflow
An integer overflow might might cause security issues when it is used for resource management or execution control.
Insecure use strtok function
strtok() can cause unintended consequences and security issues.
Improper size of a memory buffer
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
incomplete-cleanup
This concept often emphasizes identifying instances in code where resources, like file descriptors, aren't properly
released or closed, particularly in C programming.Insecure Temporary File Or Directory
Securely create temporary files using functions like mkstemp() or tmpfile(), ensuring proper permissions with open() or fopen() during creation or via chmod() afterward.
Insecure Buffer Access
Use of insecure function can lead to buffer overflows.
Loose File Permissions
Providing permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Exposure of Sensitive Information
This code transmits sensitive information over a network or communication channel in cleartext, making it vulnerable to interception by attackers.
Out-of-bounds Write
Out of bounds write can allow attackers to write sensitive information from other memory locations or cause a crash.
String Equality
Use
strcmp() or strncmp() instead of == and != for character content comparison.