• Home
• org.sonarsource.php
• php-checks
• 3.38.0.12239
• source code
• S4818.html

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.sonar.l10n.php.rules.php.S4818.html Maven / Gradle / Ivy

This rule is deprecated, and will eventually be removed.
Using sockets is security-sensitive. It has led in the past to the following vulnerabilities:

  
 CVE-2011-178 
  
 CVE-2017-5645 
  
 CVE-2018-6597 

Sockets are vulnerable in multiple ways:

  
 They enable a software to interact with the outside world. As this world is full of attackers it is necessary to check that they cannot receive
  sensitive information or inject dangerous input. 
  
 The number of sockets is limited and can be exhausted. Which makes the application unresponsive to users who need additional sockets. 

This rules flags code that creates sockets. It matches only the direct use of sockets, not use through frameworks or high-level APIs such as the
use of http connections.
Ask Yourself Whether

  
 sockets are created without any limit every time a user performs an action. 
  
 input received from sockets is used without being sanitized. 
  
 sensitive data is sent via sockets without being encrypted. 

There is a risk if you answered yes to any of those questions.
Recommended Secure Coding Practices

  
 In many cases there is no need to open a socket yourself. Use instead libraries and existing protocols. 
  
 Encrypt all data sent if it is sensitive. Usually it is better to encrypt it even if the data is not sensitive as it might change later. 
  
 Sanitize any input read from the socket. 
  
 Limit the number of sockets a given user can create. Close the sockets as soon as possible. 

Sensitive Code Example
function handle_sockets($domain, $type, $protocol, $port, $backlog, $addr, $hostname, $local_socket, $remote_socket, $fd) {
    socket_create($domain, $type, $protocol); // Sensitive
    socket_create_listen($port, $backlog); // Sensitive
    socket_addrinfo_bind($addr); // Sensitive
    socket_addrinfo_connect($addr); // Sensitive
    socket_create_pair($domain, $type, $protocol, $fd);

    fsockopen($hostname); // Sensitive
    pfsockopen($hostname); // Sensitive
    stream_socket_server($local_socket); // Sensitive
    stream_socket_client($remote_socket); // Sensitive
    stream_socket_pair($domain, $type, $protocol); // Sensitive
}

See

  
 OWASP - Top 10 2017 Category A3 - Sensitive Data
  Exposure 
  
 CWE - CWE-20 - Improper Input Validation 
  
 CWE - CWE-400 - Uncontrolled Resource Consumption ('Resource Exhaustion') 
  
 CWE - CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor