This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Undefined Behavior
This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.
- This article includes content generously donated to OWASP by
Last revision (mm/dd/yy): 05/27/2009
Vulnerabilities Table of Contents
Description
The behavior of this function is undefined unless its control parameter is set to a specific value.
The Linux Standard Base Specification 2.0.1 for libc places constraints on the arguments to some internal functions [1]. If the constraints are not met, the behavior of the functions is not defined.
It is unusual for this function to be called directly. It is almost always invoked through a macro defined in a system header file, and the macro ensures that the following constraints are met:
The value 1 must be passed to the third parameter (the version number) of the following file system function:
__xmknod
The value 2 must be passed to the third parameter (the group argument) of the following wide character string functions:
__wcstod_internal __wcstof_internal __wcstol_internal __wcstold_internal __wcstoul_internal
The value 3 must be passed as the first parameter (the version number) of the following file system functions:
__xstat __lxstat __fxstat __xstat64 __lxstat64 __fxstat64
Risk Factors
TBD
Examples
Short example name
- A short example description, small picture, or sample code with links
Short example name
- A short example description, small picture, or sample code with links
Related Attacks
Related Vulnerabilities
Related Controls
Related Technical Impacts
References
- [1] The Linux Standard Base Specification 2.0.1, Interfaces Definitions for libc. http://www.linuxbase.org/spec/refspecs/LSB_1.2.0/gLSB/libcman.html.
