
BIO_gets

API Overview

BIO_gets is an API in OpenSSL. This rule is of the return value check type. The rule was generated using AURC.

Rule Description

Tip

BIO_gets() returns -2 if the "gets" operation is not implemented by the BIO or -1 on other errors. Otherwise it typically returns the amount of data read, but depending on the implementation it may return only the length up to the first NUL character contained in the data read. In any case the trailing NUL that is added after the data read is not included in the length returned.

Info

Tags: return value check

Parameter index: N/A

CWE category: CWE-253

Rule Code

import cpp

// A call to OpenSSL's BIO_gets.
class OpenSSLFunctionCall extends FunctionCall {
  OpenSSLFunctionCall() { this.getTarget().hasName("BIO_gets") }
}

// BIO_gets reports errors as -1 or -2, so `!BIO_gets(...)` only catches a
// return value of 0 and lets the error values through.
from OpenSSLFunctionCall call, UnaryOperation uop
where
  uop.getOperator() = "!" and
  uop.getOperand() = call
select uop, "This negation checks the return value of BIO_gets."
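
Why the rule flags a negated BIO_gets() result, shown as an added example that is not part of the original page or of OpenSSL. `model_gets` is a constructed stand-in that reproduces only the return values listed in the rule description; the `src_state` enum, both `accepts_*` functions and the sample line are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in modelling only the documented BIO_gets() return
 * contract: -2 = "gets" not implemented, -1 = other error, 0 = nothing read,
 * >0 = bytes stored. It is NOT OpenSSL code. */
enum src_state { SRC_LINE, SRC_EMPTY, SRC_ERROR, SRC_UNSUPPORTED };

static int model_gets(enum src_state s, char *buf, int size) {
    static const char line[] = "user=alice\n";   /* constructed sample input */
    switch (s) {
    case SRC_UNSUPPORTED: return -2;
    case SRC_ERROR:       return -1;
    case SRC_EMPTY:       if (size > 0) buf[0] = '\0'; return 0;
    default:
        snprintf(buf, (size_t)size, "%s", line);
        return (int)strlen(buf);
    }
}

/* Flagged pattern: '!' is true only for 0, so -1 and -2 look like success.
 * Returns 1 when the caller would go on to parse buf. */
int accepts_with_negation(enum src_state s, char *buf, int size) {
    if (!model_gets(s, buf, size))
        return 0;
    return 1;
}

/* Corrected pattern: every non-positive value is a failure, and -2 is
 * reported separately because retrying cannot help.
 * Returns 1 = line read, 0 = no data or error, -2 = operation unsupported. */
int accepts_with_range_check(enum src_state s, char *buf, int size) {
    int n = model_gets(s, buf, size);
    if (n == -2)
        return -2;
    if (n <= 0)
        return 0;
    return 1;
}

int main(void) {
    char buf[32] = "stale data";
    printf("error, negation:    %d\n", accepts_with_negation(SRC_ERROR, buf, (int)sizeof buf));
    printf("error, range check: %d\n", accepts_with_range_check(SRC_ERROR, buf, (int)sizeof buf));
    return 0;
}
```

On the error path the negated check reports success while the buffer still holds whatever was there before the call, which is the CWE-253 condition the query looks for.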