CWE-676: Use of Potentially Dangerous Function
Structure: Simple
Abstraction: Base
Status: Draft
Likelihood of Exploit: High
Description
The program invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.
Related Weaknesses
- ChildOf CWE-1177 (View 1000, Primary)
- ChildOf CWE-1177 (View 699, Primary)
Applicable Platforms
Language: C (Prevalence: Undetermined), C++ (Prevalence: Undetermined)
Common Consequences
Scope | Impact | Notes |
---|---|---|
Other | Varies by Context; Quality Degradation; Unexpected State | If the function is used incorrectly, then it could result in security problems. |
Detection Methods
Automated Static Analysis - Binary or Bytecode
According to SOAR, the following detection techniques may be useful:
- Bytecode Weakness Analysis - including disassembler + source code weakness analysis
- Binary Weakness Analysis - including disassembler + source code weakness analysis
- Binary / Bytecode Quality Analysis
- Binary / Bytecode simple extractor – strings, ELF readers, etc.
Manual Static Analysis - Binary or Bytecode
According to SOAR, the following detection techniques may be useful:
- Binary / Bytecode disassembler - then use manual analysis for vulnerabilities & anomalies
Dynamic Analysis with Manual Results Interpretation
According to SOAR, the following detection techniques may be useful:
- Debugger
- Monitored Virtual Environment - run potentially malicious code in sandbox / wrapper / virtual machine, see if it does anything suspicious
Manual Static Analysis - Source Code
According to SOAR, the following detection techniques may be useful:
- Manual Source Code Review (not inspections)
- Focused Manual Spotcheck - Focused manual analysis of source
Automated Static Analysis - Source Code
According to SOAR, the following detection techniques may be useful:
- Source code Weakness Analyzer
- Context-configured Source Code Weakness Analyzer
- Warning Flags
- Source Code Quality Analyzer
Automated Static Analysis
According to SOAR, the following detection techniques may be useful:
- Origin Analysis
Architecture or Design Review
According to SOAR, the following detection techniques may be useful:
- Formal Methods / Correct-By-Construction
- Inspection (IEEE 1028 standard) (can apply to requirements, design, source code, etc.)
Potential Mitigations
Phases: Build and Compilation, Implementation
Strategy:
Identify a list of prohibited API functions and prohibit developers from using these functions, providing safer alternatives. In some cases, automatic code analysis tools or the compiler can be instructed to spot use of prohibited functions, such as the "banned.h" include file from Microsoft's SDL. [REF-554] [REF-7]
Demonstrative Examples
Example
The following code attempts to create a local copy of a buffer to perform some manipulations to the data.
(bad code, C)

```c
void manipulate_string(char *string) {
    char buf[24];           /* fixed-size local copy of the input */
    strcpy(buf, string);    /* no check that string fits in buf */
    /* ... */
}
```
However, the programmer does not ensure that the size of the data pointed to by string will fit in the local buffer and blindly copies the data with the potentially dangerous strcpy() function. This may result in a buffer overflow condition if an attacker can influence the contents of the string parameter.
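As an added example (not code from the CWE entry or from scap中文网), the same local-copy pattern with the copy bounded and an over-long input rejected instead of overflowing the buffer; copy_bounded() and manipulate_string_checked() are hypothetical names, and BUF_SIZE assumes the entry's 24-byte local buffer.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Same fixed size as the entry's local buffer (assumption). */
#define BUF_SIZE 24

/*
 * Bounded replacement for the unchecked strcpy(): copies src into dst only
 * if it fits, including the terminating NUL. Returns the number of
 * characters copied, or -1 when the input is rejected. memchr() is bounded
 * by cap, so an over-long or unterminated src is never read past cap bytes.
 */
int copy_bounded(char *dst, size_t cap, const char *src) {
    if (dst == NULL || src == NULL || cap == 0)
        return -1;
    const char *nul = memchr(src, '\0', cap);
    if (nul == NULL)                 /* no NUL within cap: cannot fit */
        return -1;
    size_t len = (size_t)(nul - src);
    memcpy(dst, src, len + 1);       /* length is known, copy incl. NUL */
    return (int)len;
}

/*
 * Checked counterpart of the entry's manipulate_string(): the local copy is
 * made with copy_bounded(), and an input that does not fit is refused
 * instead of overflowing buf. Returns false when the input was rejected.
 * The "manipulation" (upper-casing) stands in for the entry's "...".
 */
bool manipulate_string_checked(const char *string) {
    char buf[BUF_SIZE];
    if (copy_bounded(buf, sizeof buf, string) < 0)
        return false;
    for (char *p = buf; *p != '\0'; ++p)
        if (*p >= 'a' && *p <= 'z')
            *p = (char)(*p - ('a' - 'A'));
    return true;
}

/*
 * Enforcing the entry's "prohibited API" mitigation at build time: placing
 *     #pragma GCC poison strcpy strcat sprintf
 * after the standard headers makes any later use of those identifiers a
 * compile error in GCC and Clang, the same idea as SDL's banned.h.
 */
```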
Observed Examples
Identifier | Description | Link |
---|---|---|
CVE-2007-1470 | Library has multiple buffer overflows using sprintf() and strcpy() | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1470 |
CVE-2009-3849 | Buffer overflow using strcat() | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3849 |
CVE-2006-2114 | Buffer overflow using strcpy() | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2114 |
CVE-2006-0963 | Buffer overflow using strcpy() | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0963 |
CVE-2011-0712 | Vulnerable use of strcpy() changed to use safer strlcpy() | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0712 |
CVE-2008-5005 | Buffer overflow using strcpy() | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5005 |
Notes
Taxonomy Mappings
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
7 Pernicious Kingdoms | | | Dangerous Functions |
CERT C Secure Coding | CON33-C | CWE More Abstract | Avoid race conditions when using library functions |
CERT C Secure Coding | ENV33-C | CWE More Abstract | Do not call system() |
CERT C Secure Coding | ERR07-C | | Prefer functions that support error checking over equivalent functions that don't |
CERT C Secure Coding | ERR34-C | CWE More Abstract | Detect errors when converting a string to a number |
CERT C Secure Coding | FIO01-C | | Be careful using functions that use file names for identification |
CERT C Secure Coding | MSC30-C | CWE More Abstract | Do not use the rand() function for generating pseudorandom numbers |
CERT C Secure Coding | STR31-C | Imprecise | Guarantee that storage for strings has sufficient space for character data and the null terminator |
Software Fault Patterns | SFP3 | | Use of an improper API |
Article source: scap中文网