The sizeof operator yields the size (in bytes) of its operand, which may be an expression or the parenthesized name of a type. If the type of the operand is not a variable length array type the operand is not evaluated.
Providing an expression that appears to produce side effects may be misleading to programmers who are not aware that these expressions are not evaluated. As a result, programmers may make invalid assumptions about program state leading to errors and possible software vulnerabilities.
Non-Compliant Code Example
...
This example compiles cleanly under Microsoft Visual Studio 2005 Version 8.0, with the /W4 option.
Priority:
...
P3 Level: L3
If the object really is constant, the compiler may have put it in ROM or write-protected memory. Trying to modify such an object may lead to a program crash. This could allow an attacker to mount a denial-of-service attack.Operands to the sizeof operator which contain side effects are unlikely to result in software vulnerabilties, but can also be easily remediated.
Component | Value |
|---|---|
Severity | 1 (low) |
Likelihood | 2 1 (probableunlikely) |
Remediation cost | 2 3 (mediumlow) |
References
- ISO/IEC 9899-1999 Section 6.5.3.4 The sizeof operator