...
Given below is a non-exhaustive list of library functions to which the above rules can apply:
_Exitwcsncpy() | _exitwcsncpy() | abortwcsncmp() | acceptwmemcpy() |
accesswmemcmp() | aio_errorwmemmove() | aio_return() | aio_suspend() |
alarm() | bind() | cfgetispeed() | cfgetospeed() |
cfsetispeed() | cfsetospeed() | chdir() | chmod() |
chown() | clock_gettime() | close() | connect() |
creat() | dup() | dup2() | execle() |
execve() | fchmod() | fchown() | fcntl() |
fdatasync() | fork() | fpathconf() | fstat() |
fsync() | ftruncate() | getegid() | geteuid() |
getgid() | getgroups() | getpeername() | getpgrp() |
getpid() | getppid() | getsockname() | getsockopt() |
getuid() | kill() | link() | listen() |
lseek() | lstat() | mkdir() | mkfifo() |
| |
| | | |
| open() | pathconf() | | | |
| |
| |
Risk Assessment
Depending on the library function called, the attacker may be able to use a heap overflow vulnerability to run arbitrary code. The detection of checks specified in description can be automated but the remediation has to be manual.
...
