Avoid using realpath() function (C++)

Rule Definition
The realpath function is used to determine the canonical, absolute pathname from a given pathname. In several realpath implementations an off-by-one error exists in a portion of realpath that computes the length of the resolved pathname. As a result, if the resolved path name is exactly 1024 characters long and contains at least two directory separators, the buffer passed to realpath will be overwritten by a single NULL byte. As a result applications using realpath may be vulnerable to denial of service attacks, remote code execution, and/or privilege escalation. Also insufficient buffer space supplied to the realpath function can lead to buffer overflow vulnerabilities and allows remote attackers to execute code thru it.

Related Technologies

Health Factor

Total Quality Index

Technical Criterion
Secure Coding - API Abuse

About CAST Appmarq

CAST Appmarq is by far the biggest repository of data about real IT systems. It's built on thousands of analyzed applications, made of 35 different technologies, by over 300 business organizations across major verticals. It provides IT Leaders with factual key analytics to let them know if their applications are on track.

Benchmark Statistics

Global Compliance

100.00%

Total Violations

0

Total Opportunities

1,250,911

Average Violations / App.

0.00

The compliance score represents 1 minus the ratio between the number of times a rule has been violated compared to the number of opportunities in a set of applications that the rule could have been violated.

Industry Insights

Energy

100.00%

Financial Services

100.00%

Insurance

100.00%

Want more stats? Register now!