Difference between revisions of "Undefined Behavior"

Revision as of 14:17, 19 February 2009

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

This article includes content generously donated to OWASP by

ASDR Table of Contents

Last revision (mm/dd/yy): 02/19/2009

Description

The behavior of this function is undefined unless its control parameter is set to a specific value.

The Linux Standard Base Specification 2.0.1 for libc places constraints on the arguments to some internal functions [1]. If the constraints are not met, the behavior of the functions is not defined.

It is unusual for this function to be called directly. It is almost always invoked through a macro defined in a system header file, and the macro ensures that the following constraints are met:

The value 1 must be passed to the third parameter (the version number) of the following file system function:

	__xmknod

The value 2 must be passed to the third parameter (the group argument) of the following wide character string functions:

	__wcstod_internal
	__wcstof_internal
	__wcstol_internal
	__wcstold_internal
	__wcstoul_internal

The value 3 must be passed as the first parameter (the version number) of the following file system functions:

	__xstat
	__lxstat
	__fxstat
	__xstat64
	__lxstat64
	__fxstat64

Risk Factors

TBD

Examples

Short example name

A short example description, small picture, or sample code with links

Short example name

A short example description, small picture, or sample code with links

Related Attacks

• Attack 1
• Attack 2

Related Vulnerabilities

• Vulnerability 1
• Vulnerabiltiy 2

Related Controls

• Control 1
• Control 2

Related Technical Impacts

• Technical Impact 1
• Technical Impact 2

References

• [1] The Linux Standard Base Specification 2.0.1, Interfaces Definitions for libc. http://www.linuxbase.org/spec/refspecs/LSB_1.2.0/gLSB/libcman.html.