{"id":2613,"date":"2023-11-28T07:38:50","date_gmt":"2023-11-28T06:38:50","guid":{"rendered":"https:\/\/security.humanativaspa.it\/?p=2613"},"modified":"2025-10-21T09:19:14","modified_gmt":"2025-10-21T09:19:14","slug":"big-update-to-my-semgrep-c-cpp-ruleset","status":"publish","type":"post","link":"https:\/\/hnsecurity.it\/it\/blog\/big-update-to-my-semgrep-c-cpp-ruleset\/","title":{"rendered":"Big update to my Semgrep C\/C++ ruleset"},"content":{"rendered":"<blockquote>\n<p style=\"text-align: left;\"><em>&#8220;The attack surface is the vulnerability. Finding a bug there is just a detail.&#8221;<\/em><br \/>\n<em>\u2014 Mark Dowd<\/em><\/p>\n<p><em>&#8220;Some details are more important than others.&#8221; <\/em><br \/>\n<em>&#8212; Fedor G. Pikus<\/em><\/p><\/blockquote>\n<h3>Initial release<\/h3>\n<p>Last year I published a collection of <a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\">Semgrep rules<\/a> that I developed to facilitate <strong>C\/C++ vulnerability research<\/strong>. I also wrote a couple of accompanying blog posts to <a href=\"https:\/\/hnsecurity.it\/semgrep-ruleset-for-c-c-vulnerability-research\">introduce my ruleset<\/a> and to show how to use it to <a href=\"https:\/\/hnsecurity.it\/automating-binary-vulnerability-discovery-with-ghidra-and-semgrep\/\">automate binary vulnerability discovery<\/a>.<\/p>\n<p>My research was well-received by the team behind <a href=\"https:\/\/semgrep.dev\/\">Semgrep<\/a>:<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Community member spotlight on&#8230;. Marco Ivaldi, aka <a href=\"https:\/\/twitter.com\/0xdea?ref_src=twsrc%5Etfw\">@0xdea<\/a>!<\/p>\n<p>We retweeted a blog post he wrote earlier this week on pen testing binaries with Semgrep, but he&#39;s also written a wealth of C++ rules (35!) 
to catch vulnerabilities: <a href=\"https:\/\/t.co\/FUgVuuMzKV\">https:\/\/t.co\/FUgVuuMzKV<\/a><\/p>\n<p>THANK YOU, <a href=\"https:\/\/twitter.com\/0xdea?ref_src=twsrc%5Etfw\">@0xdea<\/a>!!<a href=\"https:\/\/twitter.com\/hashtag\/cpp?src=hash&amp;ref_src=twsrc%5Etfw\">#cpp<\/a><\/p>\n<p>&mdash; Semgrep (@semgrep) <a href=\"https:\/\/twitter.com\/semgrep\/status\/1545516740833988609?ref_src=twsrc%5Etfw\">July 8, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Want to protect your codebase against vulnerabilities in binaries you may be using? <a href=\"https:\/\/twitter.com\/0xdea?ref_src=twsrc%5Etfw\">@0xdea<\/a> cleverly combines Ghidra with <a href=\"https:\/\/twitter.com\/hashtag\/Semgrep?src=hash&amp;ref_src=twsrc%5Etfw\">#Semgrep<\/a> to scan for just that. Read how: <a href=\"https:\/\/t.co\/O5qpV014EJ\">https:\/\/t.co\/O5qpV014EJ<\/a><\/p>\n<p>&mdash; Semgrep (@semgrep) <a href=\"https:\/\/twitter.com\/semgrep\/status\/1545092859413467142?ref_src=twsrc%5Etfw\">July 7, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Furthermore, probably because it filled a gap, my work sparked quite a lot of interest in the <strong>security research community<\/strong>. Over the following months, a bunch of <strong>independent projects<\/strong> that referenced my ruleset and tooling popped up on GitHub. 
Here are a few examples:<\/p>\n<ul>\n<li><a href=\"https:\/\/github.com\/e-m-b-a\/emba\">https:\/\/github.com\/e-m-b-a\/emba<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/JetP1ane\/Callisto\">https:\/\/github.com\/JetP1ane\/Callisto<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/20urc3\/Sekiryu\">https:\/\/github.com\/20urc3\/Sekiryu<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/VulnTotal-Team\/Vehicle-Security-Toolkit\">https:\/\/github.com\/VulnTotal-Team\/Vehicle-Security-Toolkit<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/iosifache\/semgrep-rules-manager\">https:\/\/github.com\/iosifache\/semgrep-rules-manager<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/falcosecurity\/falco\">https:\/\/github.com\/falcosecurity\/falco<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/brave\/security-action\">https:\/\/github.com\/brave\/security-action<\/a><\/li>\n<\/ul>\n<h3>Big update<\/h3>\n<p>Fast forward to 2023. In the past months, while tackling some <a href=\"https:\/\/hnsecurity.it\/ost2-zephyr-rtos-and-a-bunch-of-cves\">code review projects<\/a>, I&#8217;ve been working to <a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/commits\/main\">improve<\/a> my Semgrep ruleset.<\/p>\n<p>Besides the experience gained in the field during my ongoing <a href=\"https:\/\/hnsecurity.it\/ost2-zephyr-rtos-and-a-bunch-of-cves\">vulnerability<\/a> <a href=\"https:\/\/github.com\/coturn\/coturn\/pulls?q=is%3Apr+0xdea\">research<\/a> <a href=\"https:\/\/github.com\/search?o=desc&amp;q=author%3A0xdea+rt-thread&amp;s=created&amp;type=issues\">efforts<\/a>, I&#8217;ve used as input what I learned by attending some training courses (<a href=\"https:\/\/ost2.fyi\/\">OST2<\/a>&#8216;s <a href=\"https:\/\/ost2.fyi\/Vulns1001\">Vulns1001<\/a>\u00a0and <a href=\"https:\/\/ost2.fyi\/Vulns1002\">Vulns1002<\/a>, and <a href=\"https:\/\/www.infosectcbr.com.au\/\">InfoSect<\/a>&#8216;s Code Review) and I&#8217;ve tested my rules against a number of SAST <a 
href=\"https:\/\/samate.nist.gov\/SARD\/test-suites\">test suites<\/a> and <a href=\"https:\/\/samate.nist.gov\/SARD\/test-cases\">test cases<\/a>, conveniently collected by NIST&#8217;s Software Assurance Metrics And Tool Evaluation (<a href=\"https:\/\/www.nist.gov\/itl\/ssd\/software-quality-group\/samate\">SAMATE<\/a>) project.<\/p>\n<p>As a result, the ruleset now features <strong>a total of 48 rules<\/strong>. The newest rules are:<\/p>\n<ul>\n<li><strong>Memory management<\/strong>\n<ul>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/incorrect-use-of-free.yaml\">incorrect-use-of-free.yaml<\/a> &#8211; Calling free() on memory not on the heap.<\/li>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/putenv-stack-var.yaml\">putenv-stack-var.yaml<\/a> &#8211; Call to putenv() with a stack-allocated variable.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Race conditions<\/strong>\n<ul>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/insecure-api-signal.yaml\">insecure-api-signal.yaml<\/a> &#8211; Use of insecure API function signal().<\/li>\n<\/ul>\n<\/li>\n<li><strong>Miscellaneous<\/strong>\n<ul>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/incorrect-use-of-memset.yaml\">incorrect-use-of-memset.yaml<\/a> &#8211; Wrong order of arguments to memset() &lt;&lt; you wouldn&#8217;t believe how many instances of this simple bug are lurking in <a href=\"https:\/\/github.com\/FreeRTOS\/FreeRTOS\/issues\/1103\">production code<\/a>!<\/li>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/incorrect-use-of-sprintf-snprintf.yaml\">incorrect-use-of-sprintf-snprintf.yaml<\/a> &#8211; Source and destination overlap in sprintf() and snprintf().<\/li>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/suspicious-assert.yaml\">suspicious-assert.yaml<\/a> &#8211; Potentially invalid size check due to use of assertion macros &lt;&lt; this is 
another <a href=\"https:\/\/hnsecurity.it\/ost2-zephyr-rtos-and-a-bunch-of-cves\">popular bug<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/unchecked-ret-scanf-etc.yaml\">unchecked-ret-scanf-etc.yaml<\/a> &#8211; Unchecked return code of functions in the scanf() family &lt;&lt; also a powerful bug<\/li>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules#:~:text=atoi()%2C%20atol()%2C%20atof().-,argv%2Denvp%2Daccess,-.%20Command%2Dline%20argument\">argv-envp-access.yaml<\/a> &#8211; Command-line argument or environment variable access.<\/li>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/missing-default-in-switch.yaml\">missing-default-in-switch.yaml<\/a> &#8211; Missing default case in a switch statement.<\/li>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/missing-break-in-switch.yaml\">missing-break-in-switch.yaml<\/a> &#8211; Missing break or equivalent in a switch statement.<\/li>\n<li><a href=\"https:\/\/github.com\/0xdea\/semgrep-rules\/blob\/main\/c\/missing-return.yaml\">missing-return.yaml<\/a> &#8211; Missing return statement in non-void function.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>I&#8217;ve also improved both <strong>accuracy and performance<\/strong> of many old rules.<\/p>\n<p>In addition, I&#8217;ve reorganized the rules into<strong> three tiers<\/strong> to improve the bug hunting experience against large codebases. 
You can now run a scan aiming at <strong>quick wins<\/strong> (low-noise, high-priority bug reports only), high and medium-priority bugs, or a classic full scan that might also include many false positives, simply by using the following commands:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-linenumbers=\"false\" data-enlighter-theme=\"minimal\"># high priority scan\r\n$ semgrep --severity ERROR --config PATH\/TO\/RULES PATH\/TO\/SOURCE\r\n\r\n# high and medium priority scan\r\n$ semgrep --severity ERROR --severity WARNING --config PATH\/TO\/RULES PATH\/TO\/SOURCE\r\n\r\n# full scan\r\n$ semgrep --config PATH\/TO\/RULES PATH\/TO\/SOURCE<\/pre>\n<p>Finally, I&#8217;ve discovered the <strong>Static Analysis Results Interchange Format<\/strong> (<a href=\"https:\/\/sarifweb.azurewebsites.net\/\">SARIF<\/a>) standard, which I recommend using for a more streamlined experience, as explained in the next sections.<\/p>\n<h3>Static analysis methodology<\/h3>\n<p>The first step in any vulnerability research effort is <strong>picking the target<\/strong>. There are different approaches that may work for you:<\/p>\n<ul>\n<li>Select a target that is somehow already familiar to you.<\/li>\n<li>Select a popular target that has a record of poor security and lots of CVEs.<\/li>\n<li>Conversely, select a less-researched target that is likely to have undiscovered vulnerabilities.<\/li>\n<li>Select a target that interests or intrigues you for some other reason.<\/li>\n<\/ul>\n<p>Ultimately, it&#8217;s your choice. 
In my opinion, all C programs that parse complex data are likely buggy:<\/p>\n<p><iframe title=\"Program in C\" width=\"840\" height=\"473\" src=\"https:\/\/www.youtube.com\/embed\/tas0O586t80?feature=oembed&#038;width=840&#038;height=1000&#038;discover=1\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p>Depending on the selected target, your static analysis methodology will vary. If you&#8217;re auditing a small codebase you can probably read it line by line to find bugs. With large codebases it&#8217;s not that simple.<\/p>\n<p>The key to auditing large programs is understanding the <strong>attack surface<\/strong> and being aware of <strong>trust boundaries<\/strong> between attacker-controlled input and privileged code, while peeling off layers of abstraction. In general, you can use either one of the following approaches:<\/p>\n<ul>\n<li><strong>Top-down<\/strong>: start where attacker-controlled input is provided and work downwards checking if it leads to a bug.<\/li>\n<li><strong>Bottom-up<\/strong>: start where the bugs are likely to be (hotspots or &#8220;code smells&#8221;) and work upwards checking if input is attacker-controlled.<\/li>\n<\/ul>\n<p>My Semgrep ruleset (as well as <a href=\"https:\/\/github.com\/0xdea\/ghidra-scripts\/blob\/main\/Rhabdomancer.java\">some other tools<\/a> I&#8217;ve released in the past) should help with the bottom-up approach, by <strong>isolating hotspots in code where bugs are likely to manifest<\/strong>. If you&#8217;re interested in exploring other approaches, I&#8217;d recommend reading <em>The Art of Software Security Assessment<\/em> (<a href=\"https:\/\/www.amazon.com\/Art-Software-Security-Assessment-Vulnerabilities\/dp\/0321444426\">TAOSSA<\/a>) by <a href=\"https:\/\/twitter.com\/mdowd\">Mark Dowd<\/a> and friends. 
While a bit dated by now, I think this book is still very much relevant when it comes to C audits.<\/p>\n<p>Coming back to our <strong>static analysis methodology<\/strong>, here&#8217;s a simplified outline that can be used to quickly audit a large codebase with the help of Semgrep:<\/p>\n<ol>\n<li>Read the documentation, especially about past vulnerabilities, to uncover attack surface and interesting paths.<\/li>\n<li>Scan with Semgrep and <a href=\"https:\/\/github.com\/weggli-rs\/weggli\">other tools<\/a> against interesting paths in the codebase.<\/li>\n<li>Perform a first manual review of scan results to quickly mark hotspots in code where potential bugs may be.<\/li>\n<li>Perform a second manual pass to understand and explore relevant code around the hotspots, discard false positives, and identify potential vulnerabilities.<\/li>\n<li>Confirm the presence of security vulnerabilities and other bugs via further analysis, dynamic testing, targeted fuzzing, etc.<\/li>\n<li>Identify variants of confirmed vulnerabilities in other parts of the codebase, by creating custom rules if needed.<\/li>\n<\/ol>\n<p>Remember that static analysis aims to prove properties of a program that hold for all possible executions, while dynamic analysis only proves properties for the particular executions it observes. In most cases, <strong>a mix of static and dynamic analysis is recommended<\/strong>. For further considerations on methodology, check out the <a href=\"https:\/\/hnsecurity.it\/automating-binary-vulnerability-discovery-with-ghidra-and-semgrep\/\">videos<\/a> of some of my talks.<\/p>\n<h3>Step-by-step example<\/h3>\n<p>It&#8217;s time to show how to apply our methodology in the field with a step-by-step example. 
As a sample target, I&#8217;ve picked <a href=\"https:\/\/github.com\/zephyrproject-rtos\/zephyr\/releases\/tag\/v3.4.0\">Zephyr 3.4.0<\/a> which I&#8217;ve previously audited <a href=\"https:\/\/hnsecurity.it\/ost2-zephyr-rtos-and-a-bunch-of-cves\">with some success<\/a>.<\/p>\n<p>First, by reading the documentation about <a href=\"https:\/\/github.com\/zephyrproject-rtos\/zephyr\/security\/advisories\">previous vulnerabilities<\/a>, we can determine that the\u00a0<em>subsys<\/em> and\u00a0<em>drivers<\/em> paths in the codebase expose an encouraging <strong>attack surface<\/strong>. Let&#8217;s focus on them:<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-theme=\"minimal\" data-enlighter-linenumbers=\"false\"># download and untar release 3.4.0\r\nraptor@blumenkraft Research % wget https:\/\/github.com\/zephyrproject-rtos\/zephyr\/archive\/refs\/tags\/v3.4.0.tar.gz\r\nraptor@blumenkraft Research % tar xvfz v3.4.0.tar.gz\r\n\r\n# perform quick-win scans against subsys and drivers directories\r\nraptor@blumenkraft Research % cd zephyr-3.4.0\r\nraptor@blumenkraft zephyr-3.4.0 % semgrep --sarif --severity ERROR --config \/Users\/raptor\/Downloads\/github\/semgrep-rules subsys &gt; SUBSYS_ERROR.sarif\r\nraptor@blumenkraft zephyr-3.4.0 % semgrep --sarif --severity ERROR --config \/Users\/raptor\/Downloads\/github\/semgrep-rules drivers &gt; DRIVERS_ERROR.sarif\r\n\r\n# also scan for medium priority bugs in those directories\r\nraptor@blumenkraft zephyr-3.4.0 % semgrep --sarif --severity WARNING --config \/Users\/raptor\/Downloads\/github\/semgrep-rules subsys &gt; SUBSYS_WARNING.sarif\r\nraptor@blumenkraft zephyr-3.4.0 % semgrep --sarif --severity WARNING --config \/Users\/raptor\/Downloads\/github\/semgrep-rules drivers &gt; DRIVERS_WARNING.sarif\r\n\r\n# run VSCode with SARIF viewer to browse scan results\r\nraptor@blumenkraft zephyr-3.4.0 % code .<\/pre>\n<p>Semgrep&#8217;s performance is astounding. 
The quick-win scans will terminate in just a few seconds, while scans for medium-priority bugs will require a bit more time. Go grab a coffee and come back later. Of course, you can (and you should) <strong>customize the rules<\/strong> to make them more effective and efficient against the specific codebase you&#8217;re analyzing (hint: use the <code class=\"EnlighterJSRAW\" data-enlighter-language=\"raw\">--time<\/code> flag to highlight potential performance issues in your ruleset). If you&#8217;re lazy and don&#8217;t want to perform the scans yourself but would still like to play with Semgrep results in VSCode, you can download the SARIF output files directly from <a href=\"https:\/\/gist.github.com\/0xdea\/75a86bc7693cacd5afeb809389afd66e\/raw\/b325cc00e9b43c392f6040f41cec45a72442aea0\/zephyr-sarif.zip\">here<\/a>. You&#8217;re welcome, but if you&#8217;re serious about being a vulnerability researcher you should really put in the work \ud83e\udd28<\/p>\n<p>Once the scans are finished, open the codebase in <a href=\"https:\/\/code.visualstudio.com\/\">VSCode<\/a>. Make sure to have the <a href=\"https:\/\/marketplace.visualstudio.com\/items?itemName=MS-SarifVSCode.sarif-viewer\">SARIF Viewer<\/a> extension installed, along with other useful extensions for code navigation such as C\/C++ IntelliSense. Personally, I also use <a href=\"https:\/\/marketplace.visualstudio.com\/items?itemName=debugpig.highlight\">this cute little extension<\/a> that helps me keep track of interesting variables in the code listing. Hopefully it&#8217;s not too backdoored \ud83d\ude09\u00a0<a href=\"https:\/\/marketplace.visualstudio.com\/items?itemName=refactor-security.security-notes\">Security Notes<\/a> and <a href=\"https:\/\/marketplace.visualstudio.com\/items?itemName=alefragnani.Bookmarks\">Bookmarks<\/a> are also worth checking out. 
Finally, Semgrep has its own <a href=\"https:\/\/marketplace.visualstudio.com\/items?itemName=Semgrep.semgrep\">official extension<\/a>, although I&#8217;m not showing it in this example.<\/p>\n<p>The following screenshot (you may click on it to view it full-size) shows that Semgrep was able to identify <strong>2773 total hotspots<\/strong> in the\u00a0<em>drivers<\/em> directory, related to potential high-priority (9 results) and medium-priority (2764) bugs:<\/p>\n<p><a href=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1.png\"><img decoding=\"async\" class=\"aligncenter wp-image-2797 size-full\" src=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1.png\" alt=\"\" width=\"2560\" height=\"1080\" srcset=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1.png 2560w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1-300x127.png 300w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1-1024x432.png 1024w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1-768x324.png 768w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1-1536x648.png 1536w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1-2048x864.png 2048w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.31.35-1-350x148.png 350w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/a><\/p>\n<p>A specific scan result is highlighted. As it turns out, <strong>there was indeed a buffer overflow due to strcat() use <\/strong>at that location of the source code, which I&#8217;ve <a href=\"https:\/\/github.com\/zephyrproject-rtos\/zephyr\/security\/advisories\/GHSA-gghm-c696-f4j4\">reported<\/a> to the Zephyr project and is now fixed. 
Not bad for a quick scan with my default rules, right?<\/p>\n<p>So, the plan here is to navigate all scan results, bookmarking the locations of potential bugs, and come back to them later to understand the code, discard false positives, and confirm the presence of security vulnerabilities. Finally, you should search for variants of the confirmed vulnerabilities in other parts of the code, perhaps again with the help of custom Semgrep rules. For large codebases it&#8217;s still a time-consuming process, but it&#8217;s definitely feasible as opposed to reading all the code line by line.<\/p>\n<p>The following screenshot shows <a href=\"https:\/\/github.com\/zephyrproject-rtos\/zephyr\/security\/advisories\/GHSA-8x3p-q3r5-xh9g\">another actual bug<\/a> that I&#8217;ve discovered in the Zephyr IPM driver. This one is a <strong>signed to unsigned conversion error that causes a buffer overflow<\/strong>:<\/p>\n<p><a href=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1.png\"><img decoding=\"async\" class=\"aligncenter wp-image-2803 size-full\" src=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1.png\" alt=\"\" width=\"2560\" height=\"1080\" srcset=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1.png 2560w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1-300x127.png 300w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1-1024x432.png 1024w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1-768x324.png 768w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1-1536x648.png 1536w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1-2048x864.png 2048w, 
https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-14.57.44-1-350x148.png 350w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/a><\/p>\n<p>This final screenshot shows a <a href=\"https:\/\/github.com\/zephyrproject-rtos\/zephyr\/security\/advisories\/GHSA-2g3m-p6c7-8rr3\">buffer overflow in the CANbus subsystem<\/a>, this time caused by an ineffective size check due to relying on <strong>assertions that are compiled-out in production releases<\/strong>:<\/p>\n<p><a href=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1.png\"><img decoding=\"async\" class=\"aligncenter wp-image-2808 size-full\" src=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1.png\" alt=\"\" width=\"2560\" height=\"1080\" srcset=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1.png 2560w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1-300x127.png 300w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1-1024x432.png 1024w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1-768x324.png 768w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1-1536x648.png 1536w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1-2048x864.png 2048w, https:\/\/hnsecurity.it\/wp-content\/uploads\/2023\/10\/Screenshot-2023-10-27-at-15.14.32-1-350x148.png 350w\" sizes=\"(max-width: 2560px) 100vw, 2560px\" \/><\/a><\/p>\n<p>Read, scan, review, confirm, rinse, repeat&#8230; That&#8217;s pretty much the gist of it. 
Have fun auditing large codebases with the help of Semgrep!<\/p>\n<h3>Shoutz<\/h3>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"bash\" data-enlighter-linenumbers=\"false\" data-enlighter-theme=\"minimal\">raptor@blumenkraft ~ % host -t txt shoutz.phrack.org\r\nshoutz.phrack.org descriptive text \"To the old farts in #!oscar\"<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;The attack surface is the vulnerability. Finding a bug there is just a detail.&#8221; \u2014 Mark Dowd &#8220;Some details are [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":159955,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[91,88],"tags":[82,96,116,117,162],"class_list":["post-2613","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-articles","category-tools","tag-vulnerability-research","tag-static-analysis","tag-c-c","tag-code-review","tag-semgrep"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>HN Security - Big update to my Semgrep C\/C++ ruleset -<\/title>\n<meta name=\"description\" content=\"Introducing new Semgrep rules for C\/C++ SAST and vulnerability research and a static analysis workflow applied to real-world examples.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hnsecurity.it\/it\/blog\/big-update-to-my-semgrep-c-cpp-ruleset\/\" \/>\n<meta property=\"og:locale\" content=\"it_IT\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"HN Security - Big update to my Semgrep C\/C++ ruleset -\" \/>\n<meta property=\"og:description\" content=\"Introducing new Semgrep rules for C\/C++ SAST and vulnerability research and a static 
analysis workflow applied to real-world examples.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hnsecurity.it\/it\/blog\/big-update-to-my-semgrep-c-cpp-ruleset\/\" \/>\n<meta property=\"og:site_name\" content=\"HN Security\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-28T06:38:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-21T09:19:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/hnsecurity.it\/wp-content\/uploads\/2025\/09\/SEMGREP.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"836\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Marco Ivaldi\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@hnsec\" \/>\n<meta name=\"twitter:site\" content=\"@hnsec\" \/>\n<meta name=\"twitter:label1\" content=\"Scritto da\" \/>\n\t<meta name=\"twitter:data1\" content=\"Marco Ivaldi\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tempo di lettura stimato\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minuti\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/blog\\\/big-update-to-my-semgrep-c-cpp-ruleset\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/blog\\\/big-update-to-my-semgrep-c-cpp-ruleset\\\/\"},\"author\":{\"name\":\"Marco Ivaldi\",\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/#\\\/schema\\\/person\\\/89a4174c275f05d6148fb0fdedc8de4f\"},\"headline\":\"Big update to my Semgrep C\\\/C++ 
ruleset\",\"datePublished\":\"2023-11-28T06:38:50+00:00\",\"dateModified\":\"2025-10-21T09:19:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/blog\\\/big-update-to-my-semgrep-c-cpp-ruleset\\\/\"},\"wordCount\":1523,\"publisher\":{\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/blog\\\/big-update-to-my-semgrep-c-cpp-ruleset\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/hnsecurity.it\\\/wp-content\\\/uploads\\\/2025\\\/09\\\/SEMGREP.jpg\",\"keywords\":[\"vulnerability research\",\"static analysis\",\"c\\\/c++\",\"code review\",\"semgrep\"],\"articleSection\":[\"Articles\",\"Tools\"],\"inLanguage\":\"it-IT\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/blog\\\/big-update-to-my-semgrep-c-cpp-ruleset\\\/\",\"url\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/blog\\\/big-update-to-my-semgrep-c-cpp-ruleset\\\/\",\"name\":\"HN Security - Big update to my Semgrep C\\\/C++ ruleset -\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/blog\\\/big-update-to-my-semgrep-c-cpp-ruleset\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/hnsecurity.it\\\/it\\\/blog\\\/big-update-to-my-semgrep-c-cpp-ruleset\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/hnsecurity.it\\\/wp-content\\\/uploads\\\/2025\\\/09\\\/SEMGREP.jpg\",\"datePublished\":\"2023-11-28T06:38:50+00:00\",\"dateModified\":\"2025-10-21T09:19:14+00:00\",\"description\":\"Introducing new Semgrep rules for C\\\/C++ SAST and vulnerability research and a static analysis workflow applied to real-world 
"}