- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
ID: ruby-security/avoid-syscall
Language: Ruby
Severity: Info
Category: Security
CWE: 94
The syscall
function is a direct interface to the operating system’s system calls. This rule is important because using syscall
can lead to non-portable and difficult to maintain code. Different operating systems have different system calls and different numbers assigned to them. Therefore, the code that uses syscall
may behave differently on different systems, which can lead to unexpected results and bugs that are hard to track down.
Furthermore, syscall
is considered to be a low-level interface, which should be avoided in high-level programming languages like Ruby. It bypasses the abstractions that Ruby provides, which can lead to less readable and more error-prone code.
Instead of using syscall
, use the abstractions that Ruby provides. For example, if you want to write to a file, use Ruby’s File class, which provides a high-level, portable interface for file operations. This way, you can ensure that your code is portable and easier to maintain. For instance, you can replace the syscall
function in the non-compliant code with File.write('filename', 'hello\n')
.
# See https://ruby-doc.org/core-2.4.1/Kernel.html
syscall 4, 1, "hello\n", 6 # '4' is write(2) on our box
|
|
For more information, please read the Code Analysis documentation
Identify code vulnerabilities directly in yourVS Code editor
Identify code vulnerabilities directly inJetBrains products