This repository has been archived by the owner on Apr 12, 2021. It is now read-only.

Search for Dangerous APIs and Functions #14

Open
lfatty opened this issue Feb 24, 2014 · 2 comments

@lfatty

lfatty commented Feb 24, 2014

Incorporate the ability to search for functions and APIs that may introduce vulnerabilities.

@marcesher
Contributor

Great idea. eval() and evaluate() come to mind

@lfatty
Author

lfatty commented Feb 25, 2014

Here is a list of functions that may present some vulnerabilities. So I want to create a text file (dangerous-api.txt) under the patterns directory, then call the parser to do its job. Please let me know if that is not a good approach.

os.system
os.spawn*
os.popen
popen2.*
commands*
getattr
setattr
delattr
val
exec
execfile
password
wprintf
vwprintf
vsscanf
vsnprintf
utime
utmpname
unlink
umount
umask
ttyname
truncate
timpanum
t_open
system
syslog
symlink
strtrns
stat
srand
socket
sprintf
srand48
select
remove
recvmsg
realpath
readlink
read random
openlog
pathfind
popen
open
opendir
mrand48
mount
nis_ping
nftw
nis_getserv
mktemp
mknod
mkdir
mkdirp
lrand48
stat
kvm_open
lchown
gets
getpass
getopt
getopt_long
getlogin
getenv
getchar
getc
ftok
fstat
ftw
fscanf
fread
freopen
fgets
fattach
fdetatch
execv
execvp
exec
drand48
dlopen
dbm_open
db_initialize
cuserid
copylist
creat
catopen
bind
acct
au_to_patch
basename
bcopy
Access-Control-Allow-Origin
addHeader
open
urllib2
tarfile
zipfile
pickle
shelve
os.fork
os.kill
betavariate
compile
cunifvariate
fork
gammavariate
gauss
gethostbyaddr
getlogin
jumpahead
listdir
randint
raw_input
recv
seed
shuffle
tmpfile
system
tmpnam
uniform
DEBUG
rmdir
uniform
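
A sketch of the pattern-file approach proposed above, as an added example that is not part of the original thread or the project's own parser. It assumes one entry per line with `*` as a wildcard; the function names, the sample pattern subset and the sample source are constructed for illustration. Identifier boundaries keep short entries such as `stat` or `exec` from firing on `status`, `fstat` or `executor`.

```python
import re

# Constructed subset of the list above, in the proposed one-entry-per-line format.
SAMPLE_PATTERNS = '''\
os.system
os.spawn*
popen2.*
exec
stat
pickle
'''

# Constructed source to scan.
SAMPLE_SOURCE = '''\
import os, pickle
status = os.system("ls " + user_dir)
info = os.stat(path)
os.spawnlp(os.P_WAIT, "cp", "cp", src, dst)
executor.submit(job)
data = pickle.loads(blob)
'''

def compile_patterns(text):
    """Turn each non-empty line into (entry, regex) with identifier boundaries."""
    compiled = []
    for raw in text.splitlines():
        entry = raw.strip()
        if not entry:
            continue
        # Escape first so "." stays literal, then map "*" (assumed wildcard)
        # to a run of identifier characters and dots.
        body = re.escape(entry).replace(r"\*", r"[\w.]*")
        # Lookarounds reject matches embedded in a longer identifier.
        compiled.append((entry, re.compile(r"(?<!\w)" + body + r"(?!\w)")))
    return compiled

def scan(source, patterns):
    """Return (line_number, entry, matched_text) for every hit, in file order."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for entry, rx in patterns:
            for m in rx.finditer(line):
                findings.append((lineno, entry, m.group(0)))
    return findings

if __name__ == "__main__":
    for hit in scan(SAMPLE_SOURCE, compile_patterns(SAMPLE_PATTERNS)):
        print("line %d: %s (matched %r)" % hit)
```

A line-based match like this also reports names that appear in comments and string literals, so each hit is a pointer for manual review rather than a confirmed finding.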
