GitHub-Mirror/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2025-10-06 00:13:24 +02:00
Code Issues Releases Wiki Activity

codeql: taint setmntent() and getmntent()

Browse Source
This commit is contained in:
Mike Yuan
2025-09-16 19:38:09 +02:00
parent 873a70d28a
commit 6b8dcb9853
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/codeql-queries/PotentiallyDangerousFunction.ql vendored
View File

@@ -52,6 +52,12 @@ predicate potentiallyDangerousFunction(Function f, string message) {
) or ( ) or (
f.getQualifiedName() = "basename" and f.getQualifiedName() = "basename" and
message = "Call basename() is icky. Use path_extract_filename() instead." message = "Call basename() is icky. Use path_extract_filename() instead."
) or (
f.getQualifiedName() = "setmntent" and
message = "Libmount parser is used instead, specifically libmount_parse_fstab()."
) or (
f.getQualifiedName() = "getmntent" and
message = "Libmount parser is used instead, specifically mnt_table_next_fs()."
) )
} }