OWASP: how to use Cppcheck output (how to read cppcheck output to improve code security)

2024-08-29 17:20


Table of contents

  • How to install cppcheck
  • How to read output xml
    • as .XML
    • open in excel
    • Description
  • Relationship between CWE and OWASP
      • Injection (OWASP A1)
      • Broken Authentication (OWASP A2)
      • Sensitive Data Exposure (OWASP A3)
      • XML External Entities (XXE) (OWASP A4)
      • Broken Access Control (OWASP A5)
      • Security Misconfiguration (OWASP A6)
      • Cross-Site Scripting (XSS) (OWASP A7)
      • Insecure Deserialization (OWASP A8)
      • Using Components with Known Vulnerabilities (OWASP A9)
      • Insufficient Logging & Monitoring (OWASP A10)

How to install cppcheck

  1. Download the Windows 64-bit (No XP support) installer and install it.

  2. New project
    The project file needs a large amount of storage space; it is recommended not to save it on the C drive.
    File -> Open Project File…

  3. Save the output to XML

How to read output xml

as .XML

https://codebeautify.org/xmlviewer

open in excel

I recommend using this method; the results can be arranged by column.

Description

| column name | info | example |
|---|---|---|
| version | results version 2 / cppcheck version | 2.14.1 |
| id | type of error | invalidscanf |
| severity | as named | warning, error, performance, style… |
| msg | the error message | fscanf() without field width limits can crash with huge input data. |
| verbose | revision suggestion | fscanf() without field width limits can crash with huge input data. Add a field width specifier to fix this problem. |
| sincedate | date of the cppcheck scan | 2024/08/28 |
| file0 | which file | xxx.c xxx.cpp |
| cwe | the CWE entry that this error violates | 119 |
| file | same as file0 | N/A |
| line | the source code line | 408 |
| info | other advice | Parameter ‘args’ can be declared as pointer to const |

Using cppcheck, a static analysis tool for C/C++ code, can help identify issues that may align with some of the vulnerabilities highlighted in the OWASP Top 10. However, cppcheck alone cannot guarantee that your code will fully comply with OWASP standards, as OWASP covers a broad range of web application security concerns that might require additional tools or manual code review.

Relationship between CWE and OWASP

The CWE (Common Weakness Enumeration) and OWASP Top 10 are both critical resources in the field of cybersecurity, but they do not have a strict one-to-one correspondence.

Instead, the OWASP Top 10 represents a list of the most critical security risks to web applications, while CWE is a broader catalog of software weaknesses. Each OWASP Top 10 entry may map to multiple CWEs, and vice versa.

Here’s a general idea of how some of the OWASP Top 10 categories might map to CWEs:

Injection (OWASP A1)

CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
CWE-89: SQL Injection

Broken Authentication (OWASP A2)

CWE-287: Improper Authentication
CWE-384: Session Fixation

Sensitive Data Exposure (OWASP A3)

CWE-311: Missing Encryption of Sensitive Data
CWE-319: Cleartext Transmission of Sensitive Information

XML External Entities (XXE) (OWASP A4)

CWE-611: Improper Restriction of XML External Entity Reference

Broken Access Control (OWASP A5)

CWE-284: Improper Access Control
CWE-285: Improper Authorization

Security Misconfiguration (OWASP A6)

CWE-16: Configuration
CWE-220: Sensitive Data Under Protected

Cross-Site Scripting (XSS) (OWASP A7)

CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

Insecure Deserialization (OWASP A8)

CWE-502: Deserialization of Untrusted Data

Using Components with Known Vulnerabilities (OWASP A9)

CWE-1104: Use of Unmaintained Third-Party Components
CWE-494: Download of Code Without Integrity Check

Insufficient Logging & Monitoring (OWASP A10)

CWE-778: Insufficient Logging
CWE-223: Omission of Security-relevant Information

While there is some overlap, each OWASP Top 10 category could relate to multiple CWEs, and each CWE could apply to different aspects of multiple OWASP Top 10 categories. Therefore, it’s more accurate to say that there are many-to-many relationships between these two resources.
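The following Python script is an added example (not part of the original article) that ties the two halves of the page together: it flattens cppcheck's version-2 XML into the columns of the table above and tags each finding with the OWASP Top 10 categories from the mapping just listed. The sample XML is constructed to match the page's examples, the OWASP category labels are shortened for readability, and the `sinceDate` attribute is assumed to be present only when the cppcheck GUI writes it; note that the typical cppcheck finding (CWE-119 here) lands outside the web-centric mapping, which is exactly the caveat made earlier about cppcheck and OWASP compliance.

```python
import xml.etree.ElementTree as ET

# The page's OWASP Top 10 -> CWE mapping, inverted below into CWE -> OWASP categories.
OWASP_TO_CWE = {
    "A1 Injection": {79, 89}, "A2 Broken Authentication": {287, 384},
    "A3 Sensitive Data Exposure": {311, 319}, "A4 XXE": {611},
    "A5 Broken Access Control": {284, 285}, "A6 Security Misconfiguration": {16, 220},
    "A7 XSS": {79}, "A8 Insecure Deserialization": {502},
    "A9 Known Vulnerable Components": {1104, 494}, "A10 Insufficient Logging": {778, 223},
}
CWE_TO_OWASP = {c: [cat for cat, cwes in OWASP_TO_CWE.items() if c in cwes]
                for cwes in OWASP_TO_CWE.values() for c in cwes}

# Constructed sample in cppcheck's XML version-2 layout (not real scan output).
SAMPLE_XML = """<results version="2"><cppcheck version="2.14.1"/><errors>
<error id="invalidscanf" severity="warning" cwe="119" file0="xxx.c"
  msg="fscanf() without field width limits can crash with huge input data."
  verbose="fscanf() without field width limits can crash with huge input data. Add a field width specifier to fix this problem.">
  <location file="xxx.c" line="408" column="5"/></error>
<error id="constParameterPointer" severity="style" file0="xxx.c" msg="Parameter 'args' can be declared as pointer to const" verbose="Parameter 'args' can be declared as pointer to const">
  <location file="xxx.c" line="12" column="20" info="Parameter 'args' can be declared as pointer to const"/></error>
</errors></results>"""

def parse_cppcheck_xml(xml_text):
    """Flatten cppcheck XML (version 2) into one dict per error location, keyed in
    the column order of the table above plus a derived "owasp" column."""
    # ElementTree does not expand external entities, so a planted XXE payload in a
    # results file is not resolved; use defusedxml if the XML comes from an untrusted source.
    root = ET.fromstring(xml_text)
    version = root.find("cppcheck").get("version", "")
    rows = []
    for err in root.iter("error"):
        cwe = int(err.get("cwe")) if err.get("cwe") else None
        for loc in err.findall("location") or [None]:  # some errors carry no location
            loc_attr = loc.attrib if loc is not None else {}
            rows.append({
                "version": version, "id": err.get("id", ""), "severity": err.get("severity", ""),
                "msg": err.get("msg", ""), "verbose": err.get("verbose", ""),
                "sincedate": err.get("sinceDate", ""), "file0": err.get("file0", ""),
                "cwe": cwe, "file": loc_attr.get("file", ""),
                "line": int(loc_attr["line"]) if "line" in loc_attr else None,
                "info": loc_attr.get("info", ""),
                # Memory-safety CWEs such as 119 have no entry in the page's web-centric mapping.
                "owasp": "; ".join(CWE_TO_OWASP.get(cwe, [])) or "not in OWASP Top 10 mapping",
            })
    return rows
```

For the "open in excel" step, the returned dicts already have the table's column order, so `csv.DictWriter(f, fieldnames=list(rows[0]))` writes them straight to a CSV that Excel can sort by column.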

http://www.chinasem.cn/article/1118487
