CWE-560: Use of umask() with chmod-style Argument

Variant Draft Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

The product calls umask() with an incorrect argument that is specified as if it is an argument to chmod().

常见后果

影响范围: Confidentiality Integrity Access Control

技术影响: Read Files or Directories Modify Files or Directories Bypass Protection Mechanism

潜在缓解措施

阶段: Implementation

描述: Use umask() with the correct argument.

阶段: Testing

描述: If you suspect misuse of umask(), you can use grep to spot call instances of umask().

引入模式

阶段 说明
Implementation -

适用平台

编程语言
C (Undetermined)
关键信息

CWE ID: CWE-560

抽象级别: Variant

结构: Simple

状态: Draft

相关弱点
ChildOf CWE-687

Function Call With Incorrectly Specified Argument Value

Variant
返回列表