Module cwe_checker_lib::checkers::cwe_560

This module implements a check for CWE-560: Use of umask() with chmod-style Argument.

The program uses the system call umask(2) with arguments for chmod(2). For instance, instead of a reasonable value like 0022 a value like 0666 is passed. This may result in wrong read and/or write access to files and directories, which could be utilized to bypass protection mechanisms.

See https://cwe.mitre.org/data/definitions/560.html for a detailed description.

How the check works

This check looks for umask calls and checks if they have a reasonable value, i.e. smaller than a certain value, currently set to 0o777 and greater than a reasonable value for umask, currently set to 0o177.

False Positives

• A value deemed unreasonable by the check could theoretically be intended by the programmer. But these cases should be very rare in real programs, so be sure to double check them!

False Negatives

• If the input to umask is not defined in the basic block before the call, the check will not see it. However, a log message will be generated whenever the check is unable to determine the parameter value of umask.

Statics

• CWE_MODULE
  The module name and version
• UPPER_BOUND_CORRECT_CHMOD_ARG_VALUE
  An upper bound for the value of a chmod-style argument.
• UPPER_BOUND_CORRECT_UMASK_ARG_VALUE
  An upper bound for the value of a presumably correct umask argument.

Functions

• check_cwe
  Execute the CWE check.