...
If the command string passed to system(), popen(), or other function that invokes a command processor is not fully sanitized, the risk of exploitation is high. In the worst case scenario, an attacker can execute arbitrary system commands on the compromised machine with the privileges of the vulnerable process.
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
ENV33-C | High | Probable | Yes | NoMedium | P12 | L1 |
Automated Detection
Tool | Version | Checker | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| stdlib-use-system | Fully checked | ||||||||||||
| Axivion Bauhaus Suite |
| CertC-ENV33 | |||||||||||||
| Clang |
| cert-env33-c | Checked by clang-tidy | ||||||||||||
| CodeSonar |
| BADFUNC.PATH.SYSTEM | Use of system | ||||||||||||
| Compass/ROSE | |||||||||||||||
| Coverity |
| DONT_CALL | Implemented | ||||||||||||
| Cppcheck Premium |
| premium-cert-env33-c | |||||||||||||
| Helix QAC |
| C5018 C++5031 | |||||||||||||
| Klocwork |
| SV.CODE_INJECTION.SHELL_EXEC | |||||||||||||
| LDRA tool suite |
| 588 S | Fully implemented | ||||||||||||
| Parasoft C/C++test |
| CERT_C-ENV33-a | Do not call the The 'system()' function from the 'stdlib.h' or 'cstdlib' library should not be used with an argument other than '0' (null pointer) | ||||||||||||
| PC-lint Plus |
| 586 | Fully supported | ||||||||||||
| Polyspace Bug Finder |
| Checks for unsafe call to a system function (rule fully covered) | PRQA QA-C | ||||||||||||
| Include Page | PRQA QA-C_v | PRQA QA-C_v | 5018 | Partially implemented||||||||||||
| RuleChecker |
| stdlib-use-system | Fully checked | ||||||||||||
| SonarQube C/C++ Plugin |
| S990 | Detects uses of "abort", "exit", "getenv" and "system" from <stdlib.h> |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...