david-a-wheeler / flawfinder

a static analysis tool for finding vulnerabilities in C/C++ source code

How to overcome fstream::open warning? (CWE-362)

klugier opened this issue · comments

Hello,

I have the following warning during a flawfinder scan:

src/[-]/CsvParser.cpp:34:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).

I tried to check if the filepath is a symlink and act accordingly; however, the warning is still there:

CsvParser::CsvParser(const bfs::path& csvFilePath)
{
    mCsvFile.exceptions(std::ifstream::badbit);
    mCsvFile.open(csvFilePath.string(), std::fstream::in);
    // ...
}

bfs is boost::filesystem; it can be replaced with std::filesystem. How should I resolve the warning? IMO, flawfinder should offer examples of how to solve certain warnings - this would be a perfect learning opportunity to gain knowledge in software security.

Klugier

All tools must have either false positives or false negatives, and in practice have both. Flawfinder identifies what may be a problem, but it only has a lexical view of code. It can identify more likely concerns, but it cannot confirm whether or not there's a real problem.

But what we can do is include, in the flawfinder output, a quick description of how to eliminate false positives when it makes a report. That's easy, and should be helpful. I'll do that.

Resolved, will be part of next release.
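
One way to answer the questions in the warning on a POSIX system, as an added example that is not part of the original thread or of the flawfinder project: refuse a symlink at open time and validate the opened descriptor instead of checking the path beforehand. The helper names `open_regular_file` and `read_regular_file` are hypothetical.

```cpp
#include <cerrno>
#include <cstdlib>
#include <string>
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>

// Hypothetical helper: returns a read-only descriptor only if the final
// path component is a regular file; otherwise returns -1 with errno set.
int open_regular_file(const std::string& path)
{
    // O_NOFOLLOW: fail if the last component is a symlink.
    // O_NONBLOCK: do not hang if the path names a FIFO or a device.
    // O_CLOEXEC:  do not leak the descriptor into child processes.
    // O_NOFOLLOW covers only the final component, so the parent
    // directories must still be writable by trusted users only.
    // Flawfinder matches the name "open" lexically, so the call is still
    // reported; the trailing comment marks it as reviewed.
    int fd = ::open(path.c_str(),
                    O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC); // Flawfinder: ignore
    if (fd < 0)
        return -1;

    // fstat() inspects the object that was actually opened. A separate
    // is_symlink()/stat() on the path before open() leaves a window in
    // which the file can be swapped (the CWE-362 race).
    struct stat st;
    if (::fstat(fd, &st) != 0) { int e = errno; ::close(fd); errno = e; return -1; }
    if (!S_ISREG(st.st_mode))  { ::close(fd); errno = EINVAL; return -1; }
    return fd;
}

// Hypothetical helper: reads the whole validated file into `out`.
bool read_regular_file(const std::string& path, std::string& out)
{
    int fd = open_regular_file(path);
    if (fd < 0)
        return false;
    out.clear();
    char buf[4096];
    ssize_t n;
    while ((n = ::read(fd, buf, sizeof buf)) > 0)
        out.append(buf, static_cast<size_t>(n));
    ::close(fd);
    return n == 0;  // true only if end of file was reached without error
}
```

The returned contents can be wrapped in a `std::istringstream` so that stream-based parsing code keeps working unchanged.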