dbus_credentials_new_from_current_process

API Overview

_dbus_credentials_new_from_current_process is an API in libdbus. This rule belongs to the api pair type. This rule is generated using ChatDetector.

Rule Description

tip

The return value of _dbus_credentials_new_from_current_process must be released by calling _dbus_credentials_take_unix_gids, with the same object passed as the 1-th argument to _dbus_credentials_take_unix_gids

info

Tags: api pair
Parameter Index: -1
CWE Type: CWE-404

Rule Code

import cpp
import semmle.code.cpp.dataflow.new.DataFlow


DataFlow::Node getSource(FunctionCall fc){
  fc.getTarget().hasName("_dbus_credentials_new_from_current_process")
  and result.asExpr() = fc
}

DataFlow::Node getSink(FunctionCall fc){
  fc.getTarget().hasName("_dbus_credentials_take_unix_gids")
  and result.asExpr() = fc.getArgument(0)
}

FunctionCall freeTarget(FunctionCall malloc){
  DataFlow::localFlow(getSource(malloc), getSink(result))
}

from FunctionCall fc
where fc.getTarget().hasName("_dbus_credentials_new_from_current_process")
      and not exists(
        FunctionCall free| 
        free = freeTarget(fc)
      )
select fc.getLocation()

API Overview​

Rule Description​

Rule Code​

API Overview

Rule Description

Rule Code