...

```c
#include <stdio.h>

char *name; /* initialized externally */
char filename[128];
/* Unbounded: any name longer than 123 bytes (123 + ".txt" + NUL = 128) overflows filename */
sprintf(filename, "%s.txt", name);
/* Open filename */
```

However, because the sprintf() function makes no guarantees regarding the length of the string generated, a sufficiently long string in name could generate a buffer overflow.

...

```c
#include <stdio.h>

char *name; /* initialized externally */
char filename[128];
/* The precision limits name to 123 bytes, leaving room for ".txt" and the NUL */
sprintf(filename, "%.123s.txt", name);
/* Open filename */
```

Compliant Solution (snprintf())

...

```c
#include <stdio.h>

char *name; /* initialized externally */
char filename[128];
/* snprintf() never writes more than sizeof(filename) bytes, including the NUL */
snprintf(filename, sizeof(filename), "%s.txt", name);
/* Open filename */
```
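
As an added example (not code from the CERT page), the following builds the filename with both compliant forms and additionally reports whether the result was truncated, which neither snippet above checks; build_filename and build_filename_precision are hypothetical helper names.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

#define FILENAME_LEN 128

/* snprintf() form. Returns true when the whole "<name>.txt" fit in the
 * buffer; false when snprintf() truncated it (the buffer then holds a
 * shortened but still NUL-terminated string). */
bool build_filename(char *filename, size_t size, const char *name) {
    int needed = snprintf(filename, size, "%s.txt", name);
    if (needed < 0) {
        return false; /* encoding error */
    }
    /* snprintf() returns the length the full string would have had */
    return (size_t)needed < size;
}

/* Precision form: "%.123s" copies at most 123 bytes of name, leaving room
 * for ".txt" and the NUL in a 128-byte buffer. Truncation is detected by
 * comparing against the caller's original name length. */
bool build_filename_precision(char filename[FILENAME_LEN], const char *name) {
    sprintf(filename, "%.123s.txt", name);
    return strlen(name) <= 123;
}

/* Constructed inputs: one short name and one 299-byte name. */
int main(void) {
    char filename[FILENAME_LEN];
    char long_name[300];
    memset(long_name, 'A', sizeof(long_name) - 1);
    long_name[sizeof(long_name) - 1] = '\0';

    bool ok = build_filename(filename, sizeof(filename), "report");
    printf("report -> %s (%s)\n", filename, ok ? "fit" : "truncated");

    ok = build_filename(filename, sizeof(filename), long_name);
    printf("299-byte name -> %zu bytes (%s)\n", strlen(filename),
           ok ? "fit" : "truncated");

    ok = build_filename_precision(filename, long_name);
    printf("precision form -> %zu bytes (%s)\n", strlen(filename),
           ok ? "fit" : "truncated");
    return 0;
}
```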

Risk Assessment

...

| Tool | Version | Checker | Description |
| --- | --- | --- | --- |
| Compass/ROSE | | | Can detect violations of the rule. However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example. |
| Coverity | 6.5 | STRING_OVERFLOW, STRING_SIZE | Fully implemented. |
| Fortify SCA | 5.0 | | |
| Klocwork | Klocwork_V | | |
| LDRA tool suite | LDRA_V | | |
| Splint | Splint_V | | |

...


...