Sicherheitsdefekte
Diese Defekte weisen auf Stellen in Ihrem Code hin, die anfällig für Hackerangriffe oder andere Sicherheitsverletzungen sind. Viele dieser Defekte weisen nicht auf Fehler hin, die Laufzeitfehler verursachen, sondern auf riskante Bereiche in Ihrem Code. Zu diesen Defekten gehören:
Verwaltung sensibler Daten
Verwendung gefährlicher oder veralteter Funktionen
Generieren von Zufallszahlen
Extern gesteuerte Pfade und Befehle
Polyspace-Ergebnisse
File access between time of check and use (TOCTOU) | File or folder might change state due to access race |
File descriptor exposure to child process | Copied file descriptor used in multiple processes |
File manipulation after chroot without chdir | Path-related vulnerabilities for file manipulated after
call to chroot |
Inappropriate I/O operation on device files | Operation can result in security vulnerabilities or a system failure |
Unsafe call to a system function | Unsanitized command argument has exploitable vulnerabilities |
Use of non-secure temporary file | Temporary generated file name not secure |
Vulnerable path manipulation | Path argument with /../, /abs/path/,
or other unsecure elements |
Bad order of dropping privileges | Dropped higher elevated privileges before dropping lower elevated privileges |
Privilege drop not verified | Attacker can gain unintended elevated access to program |
Umask used with chmod-style arguments | Argument to umask allows external user
too much control |
Vulnerable permission assignments | Argument gives read/write/search permissions to external users |
Unsafe standard encryption function | Function is not reentrant or uses a risky encryption algorithm |
Unsafe standard function | Function unsafe for security-related purposes |
Use of dangerous standard function | Dangerous functions cause possible buffer overflow in destination buffer |
Use of obsolete standard function | Obsolete routines can cause security vulnerabilities and portability issues |
LDAP injection | Data read from an untrusted source is used in the construction of an LDAP query (Seit R2023a) |
SQL injection | Data read from an untrusted source is used in the construction of an SQL query (Seit R2023a) |
Deterministic random output from constant seed | Seeding routine uses a constant seed making the output deterministic |
Predictable random output from predictable seed | Seeding routine uses a predictable seed making the output predictable |
Vulnerable pseudo-random number generator | Using a cryptographically weak pseudo-random number generator |
Critical data
member is not private | A critical data member is declared public (Seit R2022a) |
Errno not checked | errno is not checked for error conditions
following function call |
Execution of a binary from a relative path can
be controlled by an external actor | Command with relative path is vulnerable to malicious attack |
Function pointer assigned with absolute
address | Constant expression is used as function address is vulnerable to code injection |
Hard-coded
sensitive data | Sensitive data is exposed in code, for instance as string literals |
Incorrect order of network connection
operations | Socket is not correctly established due to bad order of connection steps or missing steps |
Information leak
via structure padding | Padding bytes can contain sensitive information |
Load of library from a relative path can be
controlled by an external actor | Library loaded with relative path is vulnerable to malicious attacks |
Mismatch between data length and
size | Data size argument is not computed from actual data length |
Missing case for switch
condition | switch variable not covered by cases and default case is
missing |
Misuse of readlink() | Third argument of readlink does not
leave space for null terminator in buffer |
Plain text
password stored in file system | Password stored in files in plain text format (Seit R2023b) |
Resource
injection | Data input is not properly restricted before being used as a resource identifier (Seit R2024a) |
Returned value of a sensitive function not
checked | Sensitive functions called without checking for unexpected return values and errors |
Sensitive data printed out | Function prints sensitive data |
Sensitive heap memory not cleared before
release | Sensitive data not cleared or released by memory routine |
Uncertain memory
cleaning | The code clears information that might be sensitive from memory but compiler optimization might leave the information untouched (Seit R2022a) |
Uncleared sensitive data in
stack | Variable in stack is not cleared and contains sensitive data |
Themen
- Bug Finder Defect Groups
The Bug Finder defect checkers are classified into groups such as data flow, concurrency, numerical, and so on.
MATLAB Command
You clicked a link that corresponds to this MATLAB command:
Run the command by entering it in the MATLAB Command Window. Web browsers do not support MATLAB commands.
Website auswählen
Wählen Sie eine Website aus, um übersetzte Inhalte (sofern verfügbar) sowie lokale Veranstaltungen und Angebote anzuzeigen. Auf der Grundlage Ihres Standorts empfehlen wir Ihnen die folgende Auswahl: .
Sie können auch eine Website aus der folgenden Liste auswählen:
So erhalten Sie die bestmögliche Leistung auf der Website
Wählen Sie für die bestmögliche Website-Leistung die Website für China (auf Chinesisch oder Englisch). Andere landesspezifische Websites von MathWorks sind für Besuche von Ihrem Standort aus nicht optimiert.
Amerika
- América Latina (Español)
- Canada (English)
- United States (English)
Europa
- Belgium (English)
- Denmark (English)
- Deutschland (Deutsch)
- España (Español)
- Finland (English)
- France (Français)
- Ireland (English)
- Italia (Italiano)
- Luxembourg (English)
- Netherlands (English)
- Norway (English)
- Österreich (Deutsch)
- Portugal (English)
- Sweden (English)
- Switzerland
- United Kingdom (English)