This repository has been archived by the owner on Jul 4, 2023. It is now read-only.

CID 47544: Use of untrusted string value (CWE-20) #27

Open
mmaraya opened this issue Feb 28, 2016 · 0 comments
mmaraya commented Feb 28, 2016

ftp/cmds.c#L1481

tainted_string_return_content: getenv returns tainted string content.
var_assign: Assigning: theshell = getenv("SHELL"), which taints the shell.

ftp/cmds.c#L1500

tainted_string: Passing tainted string theshell to execl, which cannot accept tainted data.

The string may be incorrectly assumed to not contain certain metacharacters or element names in later operations. In shell: An unscrutinized string from an untrusted source used in a trusted context (CWE-20)
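The finding above boils down to one data flow: `getenv("SHELL")` is attacker-influenced (anyone who can set the environment of the process controls it), and the value goes straight into `execl` as the program path. `execl` itself does not run a shell parser, so the metacharacter part of the warning matters mostly for any later use of the string; the concrete risk is executing whatever path the environment names, which matters most when the program runs with privilege it did not inherit from the caller. The following is an added example written for this issue, not code from the ftp source or from the Coverity report: it shows the same `getenv` to `execl` flow with a validation layer in between. The function names (`shell_path_is_sane`, `shell_is_executable`, `shell_is_listed`, `select_shell`, `run_shell_escape`), the `/bin/sh` fallback, the metacharacter list and the sample values are all assumptions of the example.

```c
/* Added example: screening a tainted $SHELL value before handing it to
 * execl(). Hypothetical helper names; the /bin/sh fallback and the
 * metacharacter list are choices made for this example. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define FALLBACK_SHELL "/bin/sh"   /* assumed default when $SHELL is rejected */

/* Characters we refuse in a value we intend to execute: whitespace plus
 * the usual shell metacharacters (constructed list). */
static const char BAD_CHARS[] = " \t\n;&|<>`$\\\"'*?[]{}()~";

/* Purely syntactic screen: absolute path, printable, no metacharacters,
 * bounded length. Independent of the filesystem, so it is easy to test. */
int shell_path_is_sane(const char *sh)
{
    if (sh == NULL || sh[0] != '/' || strlen(sh) > 256)
        return 0;
    for (const unsigned char *p = (const unsigned char *)sh; *p; p++) {
        if (!isgraph(*p) || strchr(BAD_CHARS, (char)*p) != NULL)
            return 0;
    }
    return 1;
}

/* Filesystem screen: the path must be a regular file we may execute. */
int shell_is_executable(const char *sh)
{
    struct stat st;
    if (stat(sh, &st) != 0 || !S_ISREG(st.st_mode))
        return 0;
    return access(sh, X_OK) == 0;
}

/* Allowlist screen against the system's shell list (normally /etc/shells).
 * Returns 1 if listed, 0 if the file is readable but lacks the entry, and
 * -1 if the file cannot be read, so the caller can decide how strict to be. */
int shell_is_listed(const char *sh, const char *shells_file)
{
    FILE *fp = fopen(shells_file, "r");
    if (fp == NULL)
        return -1;
    char line[512];
    int found = 0;
    while (fgets(line, sizeof line, fp) != NULL) {
        line[strcspn(line, "\r\n")] = '\0';
        if (line[0] != '/')          /* skip comments and blank lines */
            continue;
        if (strcmp(line, sh) == 0) {
            found = 1;
            break;
        }
    }
    fclose(fp);
    return found;
}

/* Policy: use $SHELL only if it passes every screen, else the fixed fallback.
 * The value is passed in rather than read with getenv() here so the policy
 * can be exercised with constructed inputs. */
const char *select_shell(const char *env_value)
{
    if (!shell_path_is_sane(env_value) || !shell_is_executable(env_value))
        return FALLBACK_SHELL;
    if (shell_is_listed(env_value, "/etc/shells") == 0)   /* present but not allowed */
        return FALLBACK_SHELL;
    return env_value;
}

/* The execl() step from the finding, fed only a screened path. argv[0] is
 * the basename; nothing here is parsed by a shell. Returns the child's exit
 * status or -1. */
int run_shell_escape(const char *env_value)
{
    const char *sh = select_shell(env_value);
    const char *base = strrchr(sh, '/');
    base = base ? base + 1 : sh;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execl(sh, base, (char *)NULL);
        _exit(127);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    /* Constructed sample values for $SHELL, including hostile ones. */
    const char *samples[] = { "/bin/sh", "/bin/sh; id", "sh", "/nonexistent/zsh", NULL };
    for (int i = 0; i < 5; i++)
        printf("%-18s -> %s\n", samples[i] ? samples[i] : "(unset)", select_shell(samples[i]));
    return 0;
}
```

The three screens are deliberately separate: the syntactic one catches the metacharacter case the warning describes, the filesystem one catches paths that do not name an executable, and the allowlist one ties the decision to the administrator's shell list rather than to the environment alone. A process that runs with elevated privilege should treat a `-1` from `shell_is_listed` as a rejection rather than a pass.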
