alpine 3.6
shell weakness #90

4

Weakness Breakdown


Definition:

A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.

Warning code(s):

This causes a new program to execute and is difficult to use safely.

File Name:

cppcheck/src/cppcheck-1.78/test/cfg/std.cpp

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 shell weakness.

     FILE* stream;
    wchar_t* format;
    int i;
    // cppcheck-suppress uninitvar
    (void)std::fwscanf(stream,format);
    // cppcheck-suppress uninitvar
    (void)std::fwscanf(stream,format,&i);
}

void uninivar_swscanf(void)
{
    wchar_t* s;
    wchar_t* format;
    int i;
    // cppcheck-suppress uninitvar
    (void)std::swscanf(s,format);
    // cppcheck-suppress uninitvar
    (void)std::swscanf(s,format,&i);
}

void uninitvar_system(void)
{
    char *c;
    // cppcheck-suppress uninitvar
    (void)std::system(c);
}

void uninitvar_setw(void)
{
    int i;
    // cppcheck-suppress uninitvar
    std::cout << std::setw(i);
}

void uninitvar_setiosflags(void)
{
    std::ios_base::fmtflags mask;
    // cppcheck-suppress uninitvar
    std::cout << std::setiosflags(mask); // #6987 - false negative
}

void uninitvar_resetiosflags(void)
{
    std::ios_base::fmtflags mask;
    // cppcheck-suppress uninitvar
    std::cout << std::resetiosflags(mask); // #6987 - false negative
}

void uninitvar_setfill(void)
{ 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.