SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 20

changes.mady.by.user Osona Steave

Saved on

compared with

New Version 21

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider (sch jbop) (X_X)@==(Q_Q)@

...

Wiki Markup
These functions truncate strings that exceed the specified limits. Additionally, some functions such as {{strncpy()}} do not guarantee that the resulting string is null-terminated \[[STR33-C|STR32-C. Guarantee that all byte strings are null-terminated]\].

...

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR03-A

1 (low)

1 (unlikely)

2 (medium)

P2

L3

Related Vulnerabilities

Search for Examples of vulnerabilities resulting from the violation of this recommendation can be found rule on the CERT website.

References

Wiki Markup
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.21, "String handling <string.h>"
\[[Seacord 05a|AA. C References#Seacord 05a]\] Chapter 2, "Strings"
\[[ISO/IEC TR 24731-2006|AA. C References#ISO/IEC TR 24731-2006]\]