Avoid syscall

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Metadata

ID: ruby-security/avoid-syscall

Language: Ruby

Severity: Info

Category: Security

CWE: 94

Description

The syscall function is a direct interface to the operating system’s system calls. This rule is important because using syscall can lead to non-portable and difficult to maintain code. Different operating systems have different system calls and different numbers assigned to them. Therefore, the code that uses syscall may behave differently on different systems, which can lead to unexpected results and bugs that are hard to track down.

Furthermore, syscall is considered to be a low-level interface, which should be avoided in high-level programming languages like Ruby. It bypasses the abstractions that Ruby provides, which can lead to less readable and more error-prone code.

Instead of using syscall, use the abstractions that Ruby provides. For example, if you want to write to a file, use Ruby’s File class, which provides a high-level, portable interface for file operations. This way, you can ensure that your code is portable and easier to maintain. For instance, you can replace the syscall function in the non-compliant code with File.write('filename', 'hello\n').

Non-Compliant Code Examples

# See https://ruby-doc.org/core-2.4.1/Kernel.html
syscall 4, 1, "hello\n", 6   # '4' is write(2) on our box
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis

Datadog Code Analysis
PREVIEWING: may/unit-testing