bool run_test(const std::string& path, const std::string& test, bool& warnings_occured, const std::string& cmd = "") { FILE* bin; #ifdef PE_BLISS_WINDOWS bin = POPEN(("\"\"" + path + test + "\" \"" + path + cmd + "\"\" 2>&1" + DEV_NULL).c_str(), "r"); #else bin = POPEN(("\"" + path + test + "\" \"" + path + cmd + "\" 2>&1" + DEV_NULL).c_str(), "r"); #endif if(bin == NULL) { std::cerr << "Cannot execute testsuite" << std::endl; return false; } char buf[256]; while(fgets(buf, sizeof(buf), bin) != NULL) { warnings_occured = true; std::cerr << buf; } #ifdef PE_BLISS_WINDOWS return PCLOSE(bin) == 0; #else int stat; int wstat = WEXITSTATUS(stat = PCLOSE(bin)); if(stat < 0 || (wstat != 0 && wstat != 128 + SIGPIPE)) return false; else return true; #endif }
/* goodG2B1() - use goodsource and badsink by changing the GLOBAL_CONST_TRUE to GLOBAL_CONST_FALSE */ static void goodG2B1() { char * data; char dataBuffer[100] = ""; data = dataBuffer; if(GLOBAL_CONST_FALSE) { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ printLine("Benign, fixed string"); } else { /* FIX: full path is specified */ strcpy(data, GOOD_OS_COMMAND); } { FILE *pipe; /* POTENTIAL FLAW: Executing the popen() function without specifying the full path to the executable * can allow an attacker to run their own program */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B1() - use goodsource and badsink by changing the switch to switch(5) */ static void goodG2B1() { wchar_t * data; wchar_t data_buf[100] = FULL_COMMAND; data = data_buf; switch(5) { case 6: /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ printLine("Benign, fixed string"); break; default: /* FIX: Append a fixed string to data (not user / external input) */ wcscat(data, L"*.*"); break; } { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B() - use goodsource and badsink by changing the "if" so that * both branches use the GoodSource */ static void goodG2B() { char * data; char dataBuffer[100] = ""; data = dataBuffer; if(globalReturnsTrueOrFalse()) { /* FIX: full path is specified */ strcpy(data, GOOD_OS_COMMAND); } else { /* FIX: full path is specified */ strcpy(data, GOOD_OS_COMMAND); } { FILE *pipe; /* POTENTIAL FLAW: Executing the popen() function without specifying the full path to the executable * can allow an attacker to run their own program */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B1() - use goodsource and badsink by changing the 5==5 to 5!=5 */ static void goodG2B1() { char * data; char data_buf[100] = FULL_COMMAND; data = data_buf; if(5!=5) { /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */ printLine("Benign, fixed string"); } else { /* FIX: Append a fixed string to data (not user / external input) */ strcat(data, "*.*"); } { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B() - use goodsource and badsink by changing the "if" so that * both branches use the GoodSource */ static void goodG2B() { char * data; char data_buf[100] = FULL_COMMAND; data = data_buf; if(globalReturnsTrueOrFalse()) { /* FIX: Append a fixed string to data (not user / external input) */ strcat(data, "*.*"); } else { /* FIX: Append a fixed string to data (not user / external input) */ strcat(data, "*.*"); } { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
void CWE78_OS_Command_Injection__char_environment_popen_16_bad() { char * data; char data_buf[100] = FULL_COMMAND; data = data_buf; while(1) { { /* Append input from an environment variable to data */ size_t dataLen = strlen(data); char * environment = GETENV(ENV_VARIABLE); /* If there is data in the environment variable */ if (environment != NULL) { /* POTENTIAL FLAW: Read data from an environment variable */ strncat(data+dataLen, environment, 100-dataLen-1); } } break; } { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B() uses the GoodSource with the BadSink */ static void goodG2B() { char * data; char * *dataPtr1 = &data; char * *dataPtr2 = &data; char data_buf[100] = FULL_COMMAND; data = data_buf; { char * data = *dataPtr1; /* FIX: Append a fixed string to data (not user / external input) */ strcat(data, "*.*"); *dataPtr1 = data; } { char * data = *dataPtr2; { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } } }
int mu_rndwn_sem_all(void) { int save_errno, exit_status = SS_NORMAL, semid; char entry[MAX_ENTRY_LEN]; FILE *pf; char fname[MAX_FN_LEN + 1], *fgets_res; boolean_t rem_sem; shm_parms *parm_buff; if (NULL == (pf = POPEN(IPCS_SEM_CMD_STR ,"r"))) { save_errno = errno; gtm_putmsg_csa(CSA_ARG(NULL) VARLSTCNT(8) ERR_SYSCALL, 5, RTS_ERROR_LITERAL("POPEN()"), CALLFROM, save_errno); return ERR_MUNOTALLSEC; } while (NULL != (FGETS(entry, SIZEOF(entry), pf, fgets_res)) && entry[0] != '\n') { if (-1 != (semid = parse_sem_id(entry))) { if (is_orphaned_gtm_semaphore(semid)) { /* semval == 0 and corresponding shared memory has been removed */ if (-1 != semctl(semid, 0, IPC_RMID)) { gtm_putmsg_csa(CSA_ARG(NULL) VARLSTCNT(3) ERR_SEMREMOVED, 1, semid); send_msg_csa(CSA_ARG(NULL) VARLSTCNT(3) ERR_SEMREMOVED, 1, semid); } } } } pclose(pf); return exit_status; }
explicit Gnuplot(const std::string cmd = "gnuplot") : boost::iostreams::stream<boost::iostreams::file_descriptor_sink>( FILENO(pout = POPEN(cmd.c_str(), "w")), boost::iostreams::never_close_handle), pout(pout), // keeps '-Weff++' quiet gp_pty(NULL), debug_messages(false) { *this << std::scientific << std::setprecision(18); // refer <iomanip> }
void CWE78_OS_Command_Injection__wchar_t_listen_socket_popen_54e_badSink(wchar_t * data) { { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B uses the GoodSource with the BadSink */ void CWE78_OS_Command_Injection__wchar_t_environment_popen_65b_goodG2BSink(wchar_t * data) { { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
CWE78_OS_Command_Injection__wchar_t_connect_socket_popen_84_bad::~CWE78_OS_Command_Injection__wchar_t_connect_socket_popen_84_bad() { { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
void CWE78_OS_Command_Injection__char_file_popen_65b_badSink(char * data) { { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B() uses the GoodSource with the BadSink */ static void goodG2BSink(wchar_t * data) { { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
CWE78_OS_Command_Injection__char_console_popen_84_goodG2B::~CWE78_OS_Command_Injection__char_console_popen_84_goodG2B() { { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
std::string executeShellCommand(const std::string command) { FILE* pipe = POPEN(command.c_str(), "r"); if (!pipe) return "ERROR"; char buffer[128]; std::string result = ""; while(!feof(pipe)) { if(fgets(buffer, 128, pipe) != NULL) result += buffer; } PCLOSE(pipe); return result; }
/* goodG2B() uses the GoodSource with the BadSink */ static void goodG2BSink(char * data) { { FILE *pipe; /* POTENTIAL FLAW: Executing the popen() function without specifying the full path to the executable * can allow an attacker to run their own program */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B uses the GoodSource with the BadSink */ void CWE78_OS_Command_Injection__char_file_popen_67b_goodG2BSink(CWE78_OS_Command_Injection__char_file_popen_67_structType myStruct) { char * data = myStruct.structFirst; { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
void CWE426_Untrusted_Search_Path__wchar_t_popen_81_bad::action(wchar_t * data) const { { FILE *pipe; /* POTENTIAL FLAW: Executing the wpopen() function without specifying the full path to the executable * can allow an attacker to run their own program */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B uses the GoodSource with the BadSink */ void goodG2BSink(list<wchar_t *> dataList) { wchar_t * data = dataList.back(); { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B uses the GoodSource with the BadSink */ void goodG2BSink(map<int, char *> dataMap) { char * data = dataMap[2]; { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B uses the GoodSource with the BadSink */ void CWE78_OS_Command_Injection__char_file_popen_68b_goodG2BSink() { char * data = CWE78_OS_Command_Injection__char_file_popen_68_goodG2BData; { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
void CWE78_OS_Command_Injection__char_file_popen_66b_badSink(char * dataArray[]) { /* copy data out of dataArray */ char * data = dataArray[2]; { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B uses the GoodSource with the BadSink */ void goodG2BSink(map<int, wchar_t *> dataMap) { wchar_t * data = dataMap[2]; { FILE *pipe; /* POTENTIAL FLAW: Executing the wpopen() function without specifying the full path to the executable * can allow an attacker to run their own program */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
void badSink(map<int, wchar_t *> dataMap) { /* copy data out of dataMap */ wchar_t * data = dataMap[2]; { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, L"wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B uses the GoodSource with the BadSink */ void CWE426_Untrusted_Search_Path__char_popen_68b_goodG2BSink() { char * data = CWE426_Untrusted_Search_Path__char_popen_68_goodG2BData; { FILE *pipe; /* POTENTIAL FLAW: Executing the popen() function without specifying the full path to the executable * can allow an attacker to run their own program */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
void CWE78_OS_Command_Injection__char_console_popen_12_bad() { char * data; char data_buf[100] = FULL_COMMAND; data = data_buf; if(globalReturnsTrueOrFalse()) { { /* Read input from the console */ size_t dataLen = strlen(data); /* if there is room in data, read into it from the console */ if (100-dataLen > 1) { /* POTENTIAL FLAW: Read data from the console */ if (fgets(data+dataLen, (int)(100-dataLen), stdin) != NULL) { /* The next few lines remove the carriage return from the string that is * inserted by fgets() */ dataLen = strlen(data); if (dataLen > 0 && data[dataLen-1] == '\n') { data[dataLen-1] = '\0'; } } else { printLine("fgets() failed"); /* Restore NUL terminator if fgets fails */ data[dataLen] = '\0'; } } } } else { /* FIX: Append a fixed string to data (not user / external input) */ strcat(data, "*.*"); } { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
void CWE78_OS_Command_Injection__char_environment_popen_42_bad() { char * data; char data_buf[100] = FULL_COMMAND; data = data_buf; data = badSource(data); { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }
/* goodG2B uses the GoodSource with the BadSink */ static void goodG2B() { char * data; char data_buf[100] = FULL_COMMAND; data = data_buf; data = goodG2BSource(data); { FILE *pipe; /* POTENTIAL FLAW: Execute command in data possibly leading to command injection */ pipe = POPEN(data, "wb"); if (pipe != NULL) { PCLOSE(pipe); } } }