signatures/c/original.db

# Race conditions
access\s*\(
creat
mknod
mkfifo
pathconf
opendir
dirname
basename
scandir
fopen
lstat
stat\s*\(
open\s*\(
chmod
chown
chgrp
rename
(mkdir|mkdirp)
(rmdirp|rmdir)
remove
unlink
link\s*\(
lchown
(execve|execl|execlp|execle|execv)
freopen
mktemp
# RNG based signatures
drand48
erand48
initstate
(jrand48|lcong48|lrand48|mrand48|nrand48|seed48|srand48)
random
setstate
srand
strfry
memfrob
crypt
srandom
# Design signatures
chroot\s*\(
gets
system\s*\(
popen
getenv
strcpy
strcat
(printf|sprintf|wsprintf|wsprintfA|wsprintfW|_snprinft|_snwprinft)\s*\(
(lstrcpy|lstrcpyA|lstrcpyW)
wcscpy
_mbscpy
_tcscpy
(StrCpy|StrCpyA|StrCpyW)
lstrcat
wscat
_mbscat
_tcscat
(StrCat|StrCatA|StrCatW)
strxfrm
wcsxfrm
_tcsxfrm
lstrcpyn
lstrcpynW
(StrCpyN|StrCpyNA|StrCpyNW)
wcsncpy
_mbsncpy
_tcsncpy
wcsncat
_mbsncat
_tcsncat
MultiByteToWideChar
WideCharToMultiByte
StrNCat
(StrCatBuff|StrCatBuffA|StrCatBuffW)
(StrCatN|StrCatNA|StrCatNW)
(StrFormatByteSize|StrFormatByteSizeA|StrFormatByteSizeW)
(StrFormatByteSize64|StrFormatByteSize64A|StrFormatByteSize64W)
(StrFormatKBSize|StrFormatKBSizeA|StrFormatKBSizeW)
StrFromTimeInterval
StrFromTimeIntervalA
StrFromTimeIntervalW
wvnsprintf
wvnsprintfA
wvnsprintfW
wnsprintf
wnsprintfA
wnsprintfW
PathAddExtension
PathAddExtensionA
PathAddExtensionW
PathAddBackslash
PathAddBackslashA
PathAddBackslashW
PathAppend
PathAppendA
PathAppendW
PathCanonicalize
PathCanonicalizeA
PathCanonicalizeW
PathCombine
PathCombineA
PathCombineW
LoadLibrary
LoadLibraryA
LoadLibraryW
GetExtensionVersion
OemToChar
OemToCharA
OemToCharW
OemToCharBuff
OemToCharBuffA
OemToCharBuffW
OemToAnsi
OemToAnsiA
OemToAnsiW
OemToAnsiBuff
OemToAnsiBuffA
OemToAnsiBuffW
GetTempPath
GetTempPathA
GetTempPathW
GetTempFileName
GetTempFileNameA
GetTempFileNameW
ShellExecute
ShellExecuteA
ShellExecuteW
ShellExecuteEx
ShellExecuteExA
ShellExecuteExW
_wsystem
_execl
_texecl
_wexecl
_execle
_texecle
_wexecle
_execlp
_texeclp
_wexeclp
_execlpe
_texeclpe
_wexeclpe
_execv
_texecv
_wexecv
_execve
_texecve
_wexecve
_execvp
_texecvp
_wexecvp
_execvpe
_texecvpe
_wexecvpe
_spawnl
_tspawnl
_wspawnl
_spawnle
_tspawnle
_wspawnle
_spawnlp
_tspawnlp
_wspawnlp
_spawnlpe
_tspawnlpe
_wspawnlpe
_spawnv
_tspawnv
_wspawnv
_spawnve
_tspawnve
_wspawnve
_spawnvp
_tspawnvp
_wspawnvp
_spawnvpe
_tspawnvpe
_wspawnvpe
scanf
sscanf
fscanf
vfscanf
vsprintf
vscanf
vsscanf
streadd
strecpy
strtrns
realpath
syslog
getopt
getopt_long
getpass
getchar
fgetc
getc
read\s*\(
bcopy
fgets
cin
memcpy
fprintf
snprintf
strccpy
strcadd
strncpy
_vsnprintf
# tmp file
tmpfile
tmpnam
tempnam
# Usr
getlogin
cuserid
ttyname
# known input sources
fread
recv
readv
recvfrom
recvmsg
readdir
readlink
signal
# From book/ shostack
gethostbyname
gethostbyaddr
realloc
# From peter guttmans thesis
fork
vfork
# Additional win32 dangerous functions
_mbsnbcpy
CopyMemory
strlen
_tcslen
_mbslen
wcslen
CreateProcess
CreateProcessAsUser
CreateProcessWithLogon
WinExec
RpcImpersonateClient
ImpersonateLoggedOnUser
CoImpersonateClient
ImpersonateNamedPipeClient
ImpersonateDdeClientWindow
ImpersonateSecurityContext
QuerySecurityContextToken
SetThreadToken
SetSecurityDescriptorDacl
AfxLoadLibrary
LoadLibraryEx
InitializeCriticalSection
EnterCriticalSection
_tprintf
wprintf
_cprintf
swprintf
_stprintf
_ftprintf
fwprintf
swscanf
_stscanf
_cscanf
_ftscanf
fwscanf
_tscanf
wscanf
vprintf
vwprintf
vfprintf
vfwprintf
vswprintf
_vsnwprintf
# Functions from David Wheelers book
catgets
gettext
strncat
getwd
umask
AddAccessAllowedAce
# sw bugs from aaron campbell, see https://www.arbornetworks.com/blog/asert/static-code-analysis-using-google-code-search/
flags\s*&&\s*[A-Z_]+
\[sizeof\(.*\)\]\s*=\s*'?\\?0'?;$
^[\s\t]*printf\(getenv
if \(errno = E
<= 65553
0xfffffff[^0-9a-f]
getopt\s*\(argc,\s*argv,\s*\"[^\"]*;