Merge pull request #93 from Ostorlab/feature/format_string_kb

feature/format string kb.

MOBILE_CLIENT/COMMON/_CRITICAL/FORMAT_STRING/description.md

@@ -0,0 +1,30 @@
+Format string vulnerability occurs when a program does not properly validate or sanitize user input that is used as a format specifier in a formatted output function. This can allow an attacker to manipulate the format string argument and potentially execute arbitrary code or disclose sensitive information.
+
+The impact of format string vulnerabilities can be significant, leading to:
+1. Information Disclosure: Exploiting a format string vulnerability enables an attacker to extract sensitive information from memory. This may include confidential data like passwords, encryption keys, or other critical information.
+
+2. Remote Code Execution: Format string vulnerabilities can be exploited to execute arbitrary code on a system remotely. This allows attackers to gain control over the system, potentially leading to unauthorized access or the theft of sensitive data.
+
+3. Denial of Service (DoS): A format string vulnerability can be manipulated by an attacker to crash the program or induce it into an infinite loop. This type of attack results in a denial of service (DoS), rendering the system or application inaccessible to legitimate users.
+
+### Examples
+
+#### C
+
+```c
+// gcc vulnerable.c
+
+#include <stdio.h>
+#include <unistd.h>
+
+int main() {
+    int secret_num = 0x8badf00d;
+
+    char name[64] = {0};
+    read(0, name, 64);
+    printf("Hello ");
+    printf(name);
+    printf("! You'll never get my secret!\n");
+    return 0;
+}
+```

MOBILE_CLIENT/COMMON/_CRITICAL/FORMAT_STRING/meta.json

@@ -0,0 +1,19 @@
+{
+    "risk_rating": "critical",
+    "short_description": "Format string vulnerability allows an attacker to exploit a program by manipulating the format string parameter in a function that performs formatted output. This can lead to arbitrary code execution or information disclosure.",
+    "references": {
+        "CWE-134: Use of Externally-Controlled Format String": "https://cwe.mitre.org/data/definitions/134.html",
+        "CWE-20: Improper Input Validation": "http://cwe.mitre.org/data/definitions/20.html"
+    },
+    "title": "Format String Vulnerability",
+    "privacy_issue": false,
+    "security_issue": true,
+    "categories": {
+        "OWASP_MASVS_L1": [
+            "MSTG-PLATFORM-1: Testing for Platform Interaction (OWASP MSTG)"
+        ],
+        "OWASP_MASVS_L2": [
+            "MSTG-PLATFORM-1: Testing for Platform Interaction (OWASP MSTG)"
+        ]
+    }
+}

MOBILE_CLIENT/COMMON/_CRITICAL/FORMAT_STRING/recommendation.md

@@ -0,0 +1,33 @@
+To mitigate vulnerabilities related to format string attacks, it is crucial to follow certain practices. Input validation and sanitization should be implemented to ensure that user-supplied data is properly formatted and does not contain any malicious code. Additionally, developers should avoid using format string functions that accept user input directly, and instead use safer alternatives like string concatenation or formatted printing functions that do not rely on user-controlled format strings.
+
+# Code Examples:
+
+### C
+
+```c
+#include <stdio.h>
+
+int main() {
+    int secret_num = 0x8badf00d;
+
+    char name[64] = {0};
+
+    printf("Enter your name: ");
+    if (fgets(name, sizeof(name), stdin) != NULL) {
+        // Remove the newline character from the input
+        size_t len = strlen(name);
+        if (len > 0 && name[len - 1] == '\n') {93317
+            name[len - 1] = '\0';
+        }
+
+        printf("Hello %s! You'll never get my secret!\n", name);
+    } else {
+        // Handle error reading input
+        printf("Error reading input.\n");
+        return 1;
+    }
+
+    return 0;
+}
+```
+