Undefined Behavior

From OWASP
Jump to: navigation, search

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.


This article includes content generously donated to OWASP by Fortify.JPG.

Last revision (mm/dd/yy): 05/27/2009

Vulnerabilities Table of Contents

Description

The behavior of this function is undefined unless its control parameter is set to a specific value.

The Linux Standard Base Specification 2.0.1 for libc places constraints on the arguments to some internal functions [1]. If the constraints are not met, the behavior of the functions is not defined.

It is unusual for this function to be called directly. It is almost always invoked through a macro defined in a system header file, and the macro ensures that the following constraints are met:

The value 1 must be passed to the third parameter (the version number) of the following file system function:

	__xmknod

The value 2 must be passed to the third parameter (the group argument) of the following wide character string functions:

	__wcstod_internal
	__wcstof_internal
	__wcstol_internal
	__wcstold_internal
	__wcstoul_internal

The value 3 must be passed as the first parameter (the version number) of the following file system functions:

	__xstat
	__lxstat
	__fxstat
	__xstat64
	__lxstat64
	__fxstat64


Risk Factors

TBD

Examples

Short example name

A short example description, small picture, or sample code with links

Short example name

A short example description, small picture, or sample code with links


Related Attacks


Related Vulnerabilities


Related Controls


Related Technical Impacts


References