GuardRails

GuardRails

  • Languages iconEnglish
    • 中文

›Go

Overview

  • Introduction
  • What is GuardRails
  • Getting started
  • Findings
  • Vulnerabilities
  • Configuration
  • Custom Engines
  • False Positives
  • Enforce Passing Checks
  • Build Status on Pull Requests
  • FAQ
  • Pricing
  • Glossary
  • Tools & Licenses

API

  • Usage Guide
  • Endpoints

Vulnerabilities

  • Introduction
  • General

    • Overview
    • Hard-Coded Secrets

    Apex

    • Overview
    • Insecure Access Control
    • Insecure Network Communication
    • Insecure Processing of Data
    • Insecure Use of Cryptography
    • Insecure Use of Language/Framework API
    • Insecure Use of SQL Queries

    C/C++

    • Overview
    • Insecure Access Control
    • Insecure File Management
    • Insecure Processing of Data
    • Insecure Use of Cryptography
    • Insecure Use of Dangerous Function

    Dotnet

    • Overview
    • Insecure Access Control
    • Insecure Configuration
    • Insecure File Management
    • Insecure Processing of Data
    • Insecure Use of Cryptography
    • Insecure Use of Dangerous Function
    • Insecure Use of SQL Queries
    • Using Vulnerable Libraries

    Elixir

    • Overview
    • Insecure Configuration
    • Insecure File Management
    • Insecure Processing of Data
    • Insecure Network Communication
    • Insecure Use of Dangerous Function
    • Insecure Use of Language/Framework API
    • Insecure Use of SQL Queries
    • Using Vulnerable Libraries

    Go

    • Overview
    • Insecure File Management
    • Insecure Network Communication
    • Insecure Processing of Data
    • Insecure Use of Cryptography
    • Insecure Use of Dangerous Function
    • Insecure Use of SQL Queries
    • Using Vulnerable Libraries

    Java

    • Overview
    • Using Vulnerable Libraries
    • Insecure Use of SQL Queries
    • Insecure Use of Dangerous Function
    • Insecure Use of Regular Expressions
    • Insecure Authentication
    • Insecure Configuration
    • Insecure File Management
    • Insecure Use of Cryptography
    • Insecure Use of Language/Framework API
    • Insecure Processing of Data
    • Insecure Network Communication

    Javascript/TypeScript

    • Overview
    • Insecure Authentication
    • Insecure Processing of Data
    • Insecure Use of SQL Queries
    • Insecure Use of Regular Expressions
    • Insecure Use of Language/Framework API
    • Insecure Use of Dangerous Function
    • Using Vulnerable Libraries

    Kubernetes

    • Overview
    • Insecure Access Control
    • Insecure Configuration
    • Insecure Network Communication

    PHP

    • Overview
    • Insecure Configuration
    • Insecure File Management
    • Insecure Network Communication
    • Insecure Processing of Data
    • Insecure Use of Dangerous Function
    • Insecure Use of Language/Framework API
    • Insecure Use of Regular Expressions
    • Insecure Use of SQL Queries
    • Using Vulnerable Libraries

    Python

    • Overview
    • Insecure Configuration
    • Insecure Use of Cryptography
    • Insecure Network Communication
    • Insecure Processing of Data
    • Insecure Use of Dangerous Function
    • Insecure Use of SQL Queries
    • Using Vulnerable Libraries

    Ruby

    • Overview
    • Insecure Access Control
    • Insecure Configuration
    • Insecure File Management
    • Insecure Network Communication
    • Insecure Processing of Data
    • Insecure Use of Dangerous Function
    • Insecure Use of Language/Framework API
    • Insecure Use of Regular Expressions
    • Insecure Use of SQL Queries
    • Using Vulnerable Libraries

    Rust

    • Overview
    • Using Vulnerable Libraries

    Solidity

    • Overview
    • Insecure Integer Arithmetic
    • Insecure Use of Low-Level Call
    • Reliance on Insecure Random Numbers
    • State Change After External Call
    • Transaction Order Dependence
    • Unprotected Critical Function
    • Use of Insecure Function
    • Dependence on Predictable Environment Variables
    • Write to Arbitrary Storage Location
    • Call to Untrusted Contract

    Terraform

    • Overview
    • Hard-Coded Secrets
    • Insecure Access Control
    • Insecure Configuration
    • Insecure Network Communication
    • Insecure Use of Cryptography

Insecure Use of Dangerous Function

This vulnerability category covers the following issues:

  • Command Injection

Command Injection

Why is this important?

Go, like any other programming language, has dangerous functions. If these functions are not used properly, it can have a catastrophic impact on your app. Go offers several ways to execute operating system commands, such as:

  • exec.Command()
  • exec.CommandContext()
  • syscall.Exec()

Attacker controlled input that is processed by any of these functions, can lead to attackers getting full access to your production environment.

Check out this video for a high-level explanation:

OS Command Injection

Read below to find out how to fix this issue in your code.

Fixing Insecure Use of Dangerous Function

Option A: Use the dangerous function securely

  1. Go through the issues that GuardRails identified in the PR.
  2. Locate the dangerous function. For example:
binary, lookErr := exec.LookPath("sh")
  if lookErr != nil {
      panic(lookErr)
}
env := os.Environ()
// This is the dangerous call taking user input
// and passing it to the operating system.
// To illustrate this example, assume that the form parameter name
// is expected to be `echo first name`.
// This would allow a malicious user to execute arbitrary commands.
args := []string{"sh", "-c", req.FormValue("name")}
execErr := syscall.Exec(binary, args, env)
if execErr != nil {
    panic(execErr)
}
  1. Replace the dangerous function with the following:
// Golang is good at safely using arguments passed to commands.
// The key point is that the user input must not be able to control
// the actual command being executed. Which was shown in the example above.
// Instead of using `sh`, it's better to use the actual command.
// In our example from above, this would be the command `echo`.
// Alternatively, a white list of allowed commands can be defined and
// referenced to define the executable binary.
binary, lookErr := exec.LookPath("echo")
  if lookErr != nil {
      panic(lookErr)
}
env := os.Environ()
// This is the dangerous call taking user input
// and passing it to the operating system.
args := []string{"echo", req.FormValue("name")}
execErr := syscall.Exec(binary, args, env)
if execErr != nil {
    panic(execErr)
}
  1. Test it and ensure the functionality works as expected
  2. Ship it 🚢 and relax 🌴

More information

  • Common Weakness Enumeration (CWE-78)
  • OWASP Top 10 - A1 Injection
← Insecure Use of CryptographyInsecure Use of SQL Queries →
  • Command Injection
    • Why is this important?
    • Fixing Insecure Use of Dangerous Function
    • More information
  • Status
  • Help
  • Security
  • Terms
  • Privacy

© 2021 GuardRails