Remove poor or outdated C rules (!188) · Merge requests · GitLab.org / security-products / sast-rules · GitLab

Isaac Dawson requested to merge remove_bad_c_rules into main Jul 04, 2023

Remove poor or outdated C rules (!188 (merged))
- c/buffer/rule-char_TCHAR.yml - Using character arrays is fine
- c/buffer/rule-getchar_fgetc.yml - Using getchar does not constitute a vulnerability
- c/buffer/rule-getopt_getopt_long.yml - This is a bug from 1999, see: https://stackoverflow.com/questions/64305167/flawfinder-error-internal-buffer-overflows-how-to-limit-string-input-size-and
- c/misc/rule-chroot.yml - Does not point to any specific vulnerability.
- c/misc/rule-InitializeCriticalSection.yml - This is no longer true since XP / 2003
- c/race/rule-chgrp.yml - There is no such function (only a unix command line utility)
- c/input/recv_recvfrom.yml - This is a source not a sink

See gitlab-org/gitlab#417391 (closed)

Edited Aug 28, 2023 by Isaac Dawson