SoftwareSecurity2014/Group 6/Code Scanning/RATS


RATS

RATS (Rough Auditing Tool for Security) output for the Roundcube source tree. Each entry gives file:line, the severity RATS assigns, and the flagged function; the text after each group is RATS's generic explanation for that function, not an analysis of the code at that line, so every entry still needs manual triage before it counts as a finding.

installer/test.php:325: High: mail
installer/test.php:327: High: mail
program/lib/Roundcube/rcube.php:1541: High: mail
program/lib/Roundcube/rcube.php:1543: High: mail
Arguments 1, 2, 4 and 5 of this function may be passed to an external
program. (Usually sendmail). Under Windows, they will be passed to a
remote email server. If these values are derived from user input, make
sure they are properly formatted and contain no unexpected characters or
extra data.
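What "properly formatted" means in practice for the four flagged positions, as an added example that is not Roundcube's code: PHP's mail() takes ($to, $subject, $message, $additional_headers, $additional_params), so positions 1, 2 and 4 end up as message headers and position 5 on the sendmail command line. The header names in the allow-list and the sample addresses are constructed for the example.

```php
<?php
// Added example, not Roundcube code. PHP's mail() signature is
//   mail($to, $subject, $message, $additional_headers, $additional_params)
// so the positions RATS names (1, 2, 4, 5) are recipient, subject, extra
// headers and the extra sendmail command-line parameters.

// A CR or LF inside any header value lets the caller start a new header line
// ("Bcc: ..."), which is the classic mail header injection.
function has_line_break(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 1;
}

// Argument 1: exactly one syntactically valid address, no line breaks.
function checked_recipient(string $to): ?string
{
    $to = trim($to);
    if (has_line_break($to) || filter_var($to, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    return $to;
}

// Argument 2: refuse line breaks rather than stripping them, so a tampered
// value is rejected instead of silently altered.
function checked_subject(string $subject): ?string
{
    return has_line_break($subject) ? null : $subject;
}

// Argument 4: only an allow-listed set of header names, each value checked.
function checked_headers(array $headers): ?string
{
    $address_headers = ['From', 'Reply-To'];
    $allowed         = ['From', 'Reply-To', 'X-Mailer'];   // assumed allow-list
    $lines = [];
    foreach ($headers as $name => $value) {
        if (!in_array($name, $allowed, true) || has_line_break((string) $value)) {
            return null;
        }
        if (in_array($name, $address_headers, true)
            && filter_var($value, FILTER_VALIDATE_EMAIL) === false) {
            return null;
        }
        $lines[] = $name . ': ' . $value;
    }
    return implode("\r\n", $lines);
}

// Argument 5 is appended to the sendmail command line. PHP runs
// escapeshellcmd() over it, which stops command chaining but not extra
// sendmail options, so build it only from a validated address and only ever
// add the one option that is needed.
function checked_sendmail_params(string $envelope_from): ?string
{
    if (filter_var($envelope_from, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    return '-f' . escapeshellarg($envelope_from);
}

function send_checked(string $to, string $subject, string $body,
                      array $headers, string $envelope_from): bool
{
    $to_ok  = checked_recipient($to);
    $sub_ok = checked_subject($subject);
    $hdr_ok = checked_headers($headers);
    $prm_ok = checked_sendmail_params($envelope_from);
    if ($to_ok === null || $sub_ok === null || $hdr_ok === null || $prm_ok === null) {
        return false;   // refuse to send instead of "cleaning" the input
    }
    return mail($to_ok, $sub_ok, $body, $hdr_ok, $prm_ok);
}

// Constructed inputs: the first is accepted, the second carries an injected
// Bcc header and is rejected, the third tries to smuggle a sendmail option.
var_dump(checked_recipient('alice@example.org'));                    // string
var_dump(checked_subject("Hi\r\nBcc: everyone@example.net"));        // NULL
var_dump(checked_sendmail_params('bob@example.org -X/tmp/log'));     // NULL
```

Rejecting rather than sanitising is deliberate: a subject with a stray newline is far more likely to be an attack than a legitimate value that needs repair, and a refused send is visible in logs where a silently stripped header is not.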

installer/rcube_install.php:752: High: system
Argument 1 to this function call should be checked to ensure that it does not
come from an untrusted source without first verifying that it contains nothing
dangerous.

plugins/debug_logger/runlog/runlog.php:114: High: fopen
plugins/zipdownload/zipdownload.php:132: High: fopen
plugins/zipdownload/zipdownload.php:226: High: fopen
plugins/filesystem_attachments/filesystem_attachments.php:85: High: fopen
plugins/enigma/lib/enigma_driver_phpssl.php:96: High: fopen
program/lib/Mail/mime.php:769: High: fopen
program/lib/Mail/mime.php:814: High: fopen
program/lib/Mail/mimePart.php:375: High: fopen
program/lib/Mail/mimePart.php:518: High: fopen
program/lib/Roundcube/rcube_imap_generic.php:2780: High: fopen
program/lib/Roundcube/rcube.php:1139: High: fopen
program/lib/Roundcube/rcube.php:1479: High: fopen
program/lib/Crypt/GPG/PinEntry.php:292: High: fopen
program/lib/Crypt/GPG.php:1548: High: fopen
program/lib/Crypt/GPG.php:1649: High: fopen
program/lib/Crypt/GPG.php:1665: High: fopen
program/lib/Crypt/GPG.php:1749: High: fopen
program/lib/Crypt/GPG.php:1772: High: fopen
program/lib/Crypt/GPG.php:1874: High: fopen
program/lib/Crypt/GPG.php:1889: High: fopen
program/lib/Crypt/GPG.php:2034: High: fopen
program/lib/Crypt/GPG.php:2050: High: fopen
program/lib/Crypt/GPG.php:2170: High: fopen
program/lib/Crypt/GPG.php:2279: High: fopen
program/lib/Crypt/GPG.php:2301: High: fopen
Argument 1 to this function call should be checked to ensure that it does not
come from an untrusted source without first verifying that it contains nothing
dangerous.
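For the fopen() entries the practical question is whether the path argument is confined to the directory the code intends. The following is an added example, not Roundcube's code, of a check to put in front of fopen() when the file name comes from a request; the base directory is assumed to be a fixed configured path and the demo files are constructed.

```php
<?php
// Added example, not Roundcube code: confine a user-controlled file name to
// one base directory before it reaches fopen(). The base directory is assumed
// to be a fixed, configured path.

function confined_path(string $base, string $name): ?string
{
    // A bare file name only: no directory separators (either kind, so the
    // check also holds on Windows), no NUL byte (which ends the C string the
    // underlying open() sees), no leading dot (".", "..", dotfiles).
    if ($name === '' || strlen($name) > 255
        || preg_match('#[/\\\\\0]#', $name) === 1
        || $name[0] === '.') {
        return null;
    }
    $real_base = realpath($base);
    if ($real_base === false || !is_dir($real_base)) {
        return null;
    }
    // realpath() follows symlinks, so a link planted inside $base that points
    // elsewhere resolves outside $real_base and fails the prefix test below.
    $real = realpath($real_base . DIRECTORY_SEPARATOR . $name);
    if ($real === false) {
        return null;            // does not exist; for a read that is a refusal too
    }
    if (strpos($real, $real_base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $real;
}

function open_for_read(string $base, string $name)
{
    $path = confined_path($base, $name);
    return $path === null ? false : fopen($path, 'rb');
}

// Constructed demo: a temporary base directory with one regular file and one
// symlink that escapes it.
$base = sys_get_temp_dir() . '/fopen_demo_' . getmypid();
mkdir($base, 0700);
file_put_contents("$base/ok.txt", "hello\n");
symlink('/etc/hostname', "$base/escape.txt");

var_dump(confined_path($base, 'ok.txt') !== null);        // bool(true)
var_dump(confined_path($base, '../../etc/passwd'));       // NULL: separator
var_dump(confined_path($base, "ok.txt\0.jpg"));           // NULL: NUL byte
var_dump(confined_path($base, 'escape.txt'));             // NULL: resolves outside $base

unlink("$base/escape.txt");
unlink("$base/ok.txt");
rmdir($base);
```

The realpath() step only works for files that already exist; when the flagged fopen() creates a file, the name check at the top is what confines it, and the realpath() of the base directory alone establishes the prefix.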

plugins/password/helpers/chgdbmailusers.c:19: High: fixed size local buffer
Extra care should be taken to ensure that character arrays that are allocated
on the stack are used safely.  They are prime targets for buffer overflow
attacks.

plugins/password/helpers/chgdbmailusers.c:21: High: strcpy
Check to be sure that argument 2 passed to this function call will not copy
more data than can be handled, resulting in a buffer overflow.

plugins/password/helpers/chgdbmailusers.c:28: High: strcat
Check to be sure that argument 2 passed to this function call will not copy
more data than can be handled, resulting in a buffer overflow.

plugins/password/helpers/chgdbmailusers.c:38: High: system
Argument 1 to this function call should be checked to ensure that it does not
come from an untrusted source without first verifying that it contains nothing
dangerous.

plugins/password/drivers/expect.php:39: High: popen
plugins/password/drivers/chpasswd.php:22: High: popen
plugins/password/drivers/pw_usermod.php:24: High: popen
plugins/password/drivers/smb.php:36: High: popen
Argument 1 to this function call should be checked to ensure that it does not
come from an untrusted source without first verifying that it contains nothing
dangerous.
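The system() entries above (installer/rcube_install.php, and the same pattern in chgdbmailusers.c) and these popen() entries share one concern: a value that ends up on a shell command line. The following added example, which is not code from Roundcube's password drivers, contrasts interpolating a user name and password into the command with quoting them, and then with not putting the password on the command line at all. The helper path is a hypothetical constant.

```php
<?php
// Added example, not code from Roundcube's password drivers. It shows the
// difference between interpolating values into a popen()/system() command line
// and quoting them, using a hypothetical helper path.

const HELPER = '/usr/local/sbin/chpasswd-helper';   // assumed, fixed, never from input

// Vulnerable: the shell parses $user and $password, so metacharacters in
// either (";", "|", "$(...)", backticks) run as commands.
function command_unsafe(string $user, string $password): string
{
    return HELPER . " $user $password";
}

// Escaped: escapeshellarg() wraps each value in single quotes and escapes any
// single quote inside it, so the shell delivers each as exactly one argument.
function command_escaped(string $user, string $password): string
{
    return HELPER . ' ' . escapeshellarg($user) . ' ' . escapeshellarg($password);
}

// Stronger: reject anything that is not a plausible Unix user name up front.
// Allow-listing is preferable to escaping because it does not depend on
// knowing every character the downstream program treats specially.
function valid_username(string $user): bool
{
    return preg_match('/^[a-z_][a-z0-9_-]{0,31}$/', $user) === 1;
}

// And keep the password off the command line entirely (it would otherwise be
// visible in `ps` output): feed it on stdin through proc_open().
function run_helper(string $user, string $password): int
{
    if (!valid_username($user)) {
        return -1;
    }
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open(HELPER . ' ' . escapeshellarg($user), $spec, $pipes);
    if (!is_resource($proc)) {
        return -1;
    }
    fwrite($pipes[0], $password . "\n");
    fclose($pipes[0]);
    stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    stream_get_contents($pipes[2]);
    fclose($pipes[2]);
    return proc_close($proc);          // helper's exit status
}

// Constructed malicious user name.
$evil = 'bob; id';
echo command_unsafe($evil, 'secret'), "\n";
// /usr/local/sbin/chpasswd-helper bob; id secret   -> the shell also runs "id secret"
echo command_escaped($evil, 'secret'), "\n";
// /usr/local/sbin/chpasswd-helper 'bob; id' 'secret'
var_dump(valid_username($evil));    // bool(false)
```

Whether the helper then handles the value safely is a separate question, which is exactly what the strcpy/strcat entries for chgdbmailusers.c below are about: escaping for the shell says nothing about the size of the buffer the helper copies the argument into.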

installer/rcube_install.php:567: Medium: is_readable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists.  This is
the first line where a check has occurred.
The following line(s) contain uses that may match up with this check:
476 (basename)

program/lib/Roundcube/rcube_mime.php:814: Medium: is_readable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists.  This is
the first line where a check has occurred.
The following line(s) contain uses that may match up with this check:
815 (file)

program/lib/Roundcube/rcube_spellcheck_googie.php:83: Medium: fsockopen
Argument 1 to this function call should be checked to ensure that it does not
come from an untrusted source without first verifying that it contains nothing
dangerous.

program/lib/Crypt/GPG/Engine.php:535: Medium: is_dir
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists.  This is
the first line where a check has occurred.
The following line(s) contain uses that may match up with this check:
536 (mkdir), 539 (chmod)

plugins/password/drivers/directadmin.php:230: Medium: fsockopen
program/lib/Roundcube/rcube_imap_generic.php:750: Medium: fsockopen
program/lib/Roundcube/rcube_spellcheck_atd.php:92: Medium: fsockopen
Argument 1 to this function call should be checked to ensure that it does not
come from an untrusted source without first verifying that it contains nothing
dangerous.
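For fsockopen() the untrusted argument is a host name, and the risk is a server-side connection pointed at something internal. As an added example (not Roundcube's code), two checks that belong in front of such a call: that the string is a host name at all, and that it resolves to an address this process should be talking to. The allow-list and the sample hosts are constructed.

```php
<?php
// Added example, not Roundcube code: checks to run on a host name before it
// reaches fsockopen(). Two separate questions: is the string a host name at
// all, and does it point somewhere this process should be talking to.

// Syntax: letters, digits, hyphens and dots only, each label at most 63
// characters. This also rules out "host:port", paths and IPv6 literals,
// which would otherwise be passed through to fsockopen() unchanged.
function is_hostname(string $host): bool
{
    return strlen($host) <= 253
        && preg_match('/^(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$/', $host) === 1;
}

// Destination: resolve the name (IPv4 only, as gethostbyname() is) and refuse
// loopback, link-local, private and reserved ranges, so a server-side
// connection cannot be aimed at internal services. fsockopen() would resolve
// the name again, so the checked IP is what gets connected to, not the name.
function public_ip_for(string $host): ?string
{
    if (!is_hostname($host)) {
        return null;
    }
    $ip = gethostbyname($host);   // returns the name unchanged when lookup fails
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null;
    }
    $flags = FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    return filter_var($ip, FILTER_VALIDATE_IP, $flags) === false ? null : $ip;
}

// Optional allow-list for services whose host set is known in advance
// (a spell-check backend, a password-change API).
function allowed_host(string $host, array $allow): bool
{
    return in_array(strtolower($host), array_map('strtolower', $allow), true);
}

function open_checked(string $host, int $port, array $allow = [])
{
    if ($allow !== [] && !allowed_host($host, $allow)) {
        return false;
    }
    $ip = public_ip_for($host);
    if ($ip === null) {
        return false;
    }
    return fsockopen($ip, $port, $errno, $errstr, 5);
}

// Constructed inputs.
var_dump(is_hostname('spell.example.org'));          // bool(true)
var_dump(is_hostname('127.0.0.1:8080/'));            // bool(false)
var_dump(public_ip_for('localhost'));                // NULL (resolves to 127.0.0.1)
var_dump(allowed_host('Spell.Example.org', ['spell.example.org']));   // bool(true)
```

Connecting to the checked IP rather than the name means TLS verification, if any, must still be done against the original host name; where the host list is fixed configuration (as for a spell-check or password backend) the allow-list alone is the simpler and stronger control.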

program/lib/Mail/mime.php:760: Medium: is_writable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists.  This is
the first line where a check has occurred.
The following line(s) contain uses that may match up with this check:
769 (fopen), 814 (fopen)

program/lib/Mail/mimePart.php:370: Medium: is_writable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists.  This is
the first line where a check has occurred.
The following line(s) contain uses that may match up with this check:
375 (fopen), 518 (fopen)

plugins/enigma/lib/enigma_driver_gnupg.php:58: Medium: is_writable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists.  This is
the first line where a check has occurred.
The following line(s) contain uses that may match up with this check:
66 (mkdir)

plugins/enigma/lib/enigma_driver_phpssl.php:56: Medium: is_writable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists.  This is
the first line where a check has occurred.
The following line(s) contain uses that may match up with this check:
64 (mkdir)

plugins/squirrelmail_usercopy/squirrelmail_usercopy.php:118: Medium: is_readable
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists.  This is
the first line where a check has occurred.
The following line(s) contain uses that may match up with this check:
120 (file)
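All of the TOCTOU entries above (is_readable/is_writable/is_dir followed by file, fopen, mkdir or chmod) are the same check-then-act shape. The added example below is not code from Roundcube or its plugins; it puts the flagged pattern next to versions that perform the operation first and judge from its result, which is the only state that is guaranteed to be current. The directory and file names are constructed.

```php
<?php
// Added example, not from Roundcube or its enigma plugin: the check-then-act
// pattern RATS flags as TOCTOU, next to versions that act first and inspect
// the result of the operation itself.

// Flagged pattern. Between is_writable() and mkdir() another process (or a
// local attacker who controls the parent directory) can remove, replace or
// symlink $dir; the check proves nothing about the state at mkdir() time.
function make_dir_checked(string $dir): bool
{
    if (!is_writable(dirname($dir))) {
        return false;
    }
    mkdir($dir);
    chmod($dir, 0700);      // second window: the directory briefly has the default mode
    return true;
}

// Act, then look at the outcome. mkdir() is a single system call that either
// creates the directory or fails, and the mode is applied at creation (minus
// the umask), so the directory is never visible with a wider mode.
function make_dir(string $dir): bool
{
    if (@mkdir($dir, 0700)) {
        return true;
    }
    // Already present, or not creatable. Accept only a real directory that is
    // not a symbolic link someone planted at that path.
    return is_dir($dir) && !is_link($dir);
}

// Reading: no is_readable() probe, just read and handle the failure.
function read_if_present(string $path): ?string
{
    $data = @file_get_contents($path);
    return $data === false ? null : $data;
}

// Creating: mode 'x' maps to O_CREAT|O_EXCL, so the open fails if anything
// (including a dangling symlink) already sits at $path instead of following
// it. The mode is fixed via umask so no chmod() on the path is needed after.
function create_exclusive(string $path)
{
    $old = umask(077);
    $fh  = @fopen($path, 'x');
    umask($old);
    return $fh;
}

// Constructed demo in a fresh temporary directory.
$base = sys_get_temp_dir() . '/toctou_demo_' . getmypid();
var_dump(make_dir($base));                                // bool(true)
var_dump(make_dir($base));                                // bool(true): exists, is a real dir
var_dump(create_exclusive("$base/key") !== false);        // bool(true)
var_dump(create_exclusive("$base/key"));                  // bool(false): already exists
var_dump(read_if_present("$base/missing"));               // NULL
unlink("$base/key");
rmdir($base);
```

Whether a given RATS TOCTOU entry is exploitable depends on who else can write to the directory in question; for a per-user home directory under the web server's own control the window is usually theoretical, for anything under a shared /tmp it is not.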

installer/rcube_install.php: 444: file
plugins/zipdownload/zipdownload.php: 272: readfile
plugins/squirrelmail_usercopy/squirrelmail_usercopy.php: 120: file
plugins/squirrelmail_usercopy/squirrelmail_usercopy.php: 141: file
plugins/redundant_attachments/redundant_attachments.php: 198: read
plugins/redundant_attachments/redundant_attachments.php: 202: read
plugins/database_attachments/database_attachments.php: 114: read
plugins/virtuser_file/virtuser_file.php: 88: file
plugins/enigma/lib/enigma_engine.php: 223: fgets
plugins/password/drivers/directadmin.php: 302: fgets
plugins/password/drivers/smb.php: 42: file
plugins/password/drivers/ximss.php: 48: fgets
program/lib/Mail/mimePart.php: 528: fgets
program/lib/Net/Sieve.php: 1023: read
program/lib/Net/Socket.php: 341: fgets
program/lib/Net/Socket.php: 343: fgets
program/lib/Net/Socket.php: 359: read
program/lib/Net/Socket.php: 576: fgets
program/lib/Roundcube/rcube_imap_generic.php: 186: fgets
program/lib/Roundcube/rcube_imap_generic.php: 764: fgets
program/lib/Roundcube/rcube_spellcheck_atd.php: 103: fgets
program/lib/Roundcube/rcube_spellcheck_atd.php: 109: fgets
program/lib/Roundcube/rcube_config.php: 62: getenv
program/lib/Roundcube/rcube_cache_shared.php: 126: read
program/lib/Roundcube/rcube_spellcheck_googie.php: 94: fgets
program/lib/Roundcube/rcube_mime.php: 815: file
program/lib/Roundcube/rcube_cache.php: 129: read
program/lib/Roundcube/rcube_utils.php: 712: getallheaders
program/lib/Roundcube/rcube_utils.php: 1021: fgets
program/lib/Crypt/GPG/Engine.php: 521: getenv
program/lib/Crypt/GPG/PinEntry.php: 230: fgets
program/lib/Crypt/GPG/PinEntry.php: 483: getenv
Double check to be sure that all input accepted from an external data source
does not exceed the limits of the variable being used to hold it.  Also make
sure that the input cannot be used in such a manner as to alter your program's
behaviour in an undesirable way.

Total lines analyzed: 82487
Total time 0.180570 seconds
456814 lines per second