cfpb / clouseau

⚠️ THIS PROJECT IS DEPRECATED ⚠️ Search your repository's git history for undesirable text patterns such as passwords, ssh keys and other personal identifiable information
Creative Commons Zero v1.0 Universal

Search for Dangerous APIs and Functions #14

Open lfatty opened 10 years ago

lfatty commented 10 years ago

Incorporate the ability to search for functions and APIs that may introduce vulnerabilities.

marcesher commented 10 years ago

Great idea. eval() and evaluate() come to mind.

lfatty commented 10 years ago

Here is a list of functions that may present some vulnerabilities. So I want to create a text file (dangerous-api.txt) under the patterns directory and then call the parser to do its job. Please let me know if that is not a good approach.

os.system os.spawn |os.popen popen2. commands* getattr setattr delattr val exec execfile password wprintf vwprintf vsscanf vsnprintf utime utmpname unlink umount umask ttyname truncate timpanum t_open system syslog symlink strtrns stat srand socket sprintf srand48 select remove recvmsg realpath readlink read random openlog pathfind popen open opendir mrand48 mount nis_ping nftw nis_getserv mktemp mknod mkdir mkdirp lrand48 stat kvm_open lchown gets getpass getopt getopt_long getlogin getenv getchar getc ftok fstat ftw fscanf fread freopen fgets fattach fdetatch execv execvp exec |drand48 dlopen dbm_open db_initialize cuserid copylist creat catopen bind acct au_to_patch basename bcopy Access-Control-Allow-Origin addHeader open urllib2 tarfile zipfile pickle shelve os.fork os.kill betavariate compile cunifvariate fork gammavariate gauss gethostbyaddr getlogin jumpahead listdir randint raw_input recv seed shuffle tmpfile system tmpnam uniform DEBUG rmdir uniform
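As an added example (not code from the clouseau project), a small scanner that implements the approach proposed in the comment above: it loads a dangerous-api.txt-style pattern file and reports every line of the scanned text that uses one of the listed names as a whole identifier. The pattern file, the sample source lines and the function names here are constructed for the example; the scanned text could equally be `git log -p` output or files in a working tree.

```python
"""Scan text for uses of functions listed in a clouseau-style pattern file."""
import re
from typing import List, Tuple

# Constructed sample of the proposed dangerous-api.txt (a subset of the list
# in the issue): one name per line, '#' starts a comment.
SAMPLE_PATTERNS = """\
# dangerous-api.txt
os.system
eval
pickle
gets
basename
"""

# Constructed sample input; in practice feed it `git log -p` output or files.
SAMPLE_SOURCE = """\
import os, pickle
result = os.system("ls " + user_input)
data = pickle.loads(blob)
value = evaluate(expr)
name = os.path.basename(p)
secret_gets = 3
"""

def load_patterns(text: str) -> List[str]:
    """Parse the pattern file, dropping blank lines and '#' comments."""
    names = []
    for raw in text.splitlines():
        name = raw.split("#", 1)[0].strip()
        if name:
            names.append(name)
    return names

def build_regex(names: List[str]) -> re.Pattern:
    """Match each name only as a whole (possibly dotted) identifier, so 'eval'
    does not hit 'evaluate' and 'gets' does not hit 'secret_gets'. Longest
    names first: Python alternation is ordered, not longest-match."""
    ordered = sorted(names, key=len, reverse=True)
    body = "|".join(re.escape(n) for n in ordered)
    return re.compile(r"(?<!\w)(" + body + r")(?!\w)")

def scan(source: str, names: List[str]) -> List[Tuple[int, str, str]]:
    """Return (line_number, matched_name, line_text) for every hit."""
    pattern = build_regex(names)
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for match in pattern.finditer(line):
            hits.append((lineno, match.group(1), line.strip()))
    return hits
```

Matching on plain names is deliberately broad, like the rest of clouseau's text-pattern approach; every hit still needs a human to decide whether the call is reachable with untrusted input.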