alpine 3.6
shell weakness #89

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

cppcheck/src/cppcheck-1.78/test/cfg/std.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 shell weakness.

     FILE* stream;
    wchar_t* format;
    int i;
    // cppcheck-suppress uninitvar
    (void)fwscanf(stream,format);
    // cppcheck-suppress uninitvar
    (void)fwscanf(stream,format,&i);
}

void uninivar_swscanf(void)
{
    wchar_t* s;
    wchar_t* format;
    int i;
    // cppcheck-suppress uninitvar
    (void)swscanf(s,format);
    // cppcheck-suppress uninitvar
    (void)swscanf(s,format,&i);
}

void uninitvar_system(void)
{
    char *c;
    // cppcheck-suppress uninitvar
    (void)system(c);
}

void uninitvar_zonetime(void)
{
    time_t *tp;
    int zone;
    // cppcheck-suppress uninitvar
    (void)zonetime(tp,zone);
}

void uninitvar_itoa(void)
{
    int value;
    char * str;
    int base;
    // cppcheck-suppress uninitvar
    (void)itoa(value,str,base);
}

#ifdef __STD_UTF_16__
void uninivar_c16rtomb(void)
{
    char * pmb;
    char16_t c16;
    mbstate_t * ps; 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.