當緩沖區過小時,調用 getwd() 會導致 buffer overflow。
函數 getwd() 會檢索當前工作目錄的絕對路徑。該函數是調用 getcwd(buf, PATH_MAX) 的封裝函數,因此假設 buf 可以存放至少 PATH_MAX 字節。如果 buf 不夠大,則攻擊者可以通過創建具有超長目錄名的方式來溢出緩沖區。
[1] Standards Mapping - OWASP Top 10 2004 - (OWASP 2004) A5 Buffer Overflow
[2] Standards Mapping - Security Technical Implementation Guide Version 3 - (STIG 3) APP3590.1 CAT I
[3] Standards Mapping - Security Technical Implementation Guide Version 3.4 - (STIG 3.4) APP3590.1 CAT I
[4] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 249, CWE ID 560
[5] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 - (PCI 1.2) Requirement 6.3.1.1
[6] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 - (PCI 2.0) Requirement 6.5.2
[7] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 - (PCI 1.1) Requirement 6.5.5