Uploaded image for project: 'Rules Repository'
  1. Rules Repository
  2. RSPEC-4823

Using command line arguments is security-sensitive

    Details

    • Message:
      Make sure that command line arguments are used safely here.
    • Default Severity:
      Critical
    • Impact:
      High
    • Likelihood:
      Low
    • Default Quality Profiles:
      Sonar way
    • Targeted languages:
      C, C++, Cobol, Go, Kotlin, Objective-C, PL/I, RPG, Ruby, Rust, Scala, Swift, TypeScript, VB6
    • Covered Languages:
      C#, Java, JavaScript, PHP, Python, VB.Net
    • Irrelevant for Languages:
      ABAP, APEX, CSS, Flex, HTML, PL/SQL, XML
    • Analysis Scope:
      Main Sources
    • Common Rule:
      Yes
    • CWE:
      CWE-88, CWE-214
    • OWASP:
      A1
    • SANS Top 25:
      Insecure Interaction Between Components

      Description

      Using command line arguments is security-sensitive. It has led in the past to the following vulnerabilities:

      Command line arguments can be dangerous just like any other user input. They should never be used without being first validated and sanitized.

      Remember also that any user can retrieve the list of processes running on a system, which makes the arguments provided to them visible. Thus passing sensitive information via command line arguments should be considered as insecure.

      This rule raises an issue when on every program entry points (main methods) when command line arguments are used. The goal is to guide security code reviews.

      Ask Yourself Whether

      • any of the command line arguments are used without being sanitized first.
      • your application accepts sensitive information via command line arguments.

      If you answered yes to any of these questions you are at risk.

      Recommended Secure Coding Practices

      Sanitize all command line arguments before using them.

      Any user or application can list running processes and see the command line arguments they were started with. There are safer ways of providing sensitive information to an application than exposing them in the command line. It is common to write them on the process' standard input, or give the path to a file containing the information.

      See

        Attachments

          Issue Links

          1.
          Java RSPEC-4844 Language-Specification Active Unassigned
          2.
          C# RSPEC-4891 Language-Specification Active Unassigned
          3.
          VB.NET RSPEC-4969 Language-Specification Active Unassigned
          4.
          JavaScript RSPEC-5086 Language-Specification Active Unassigned
          5.
          PHP RSPEC-5099 Language-Specification Active Unassigned
          6.
          Python RSPEC-5202 Language-Specification Active Unassigned

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                nicolas.harraudeau Nicolas Harraudeau
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: