...

The managed string library also provides a mechanism for dealing with data sanitization by (optionally) checking that all characters in a string belong to a predefined set of "safe" characters.
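The safe-character check described above can be sketched in plain C. This is an added example, not code from the managed string library and not its API; the names `charset_t`, `charset_init`, `charset_first_invalid` and `charset_accepts` are hypothetical, and the sample inputs are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper type (not the managed string library's):
   a 256-entry membership table built once from the allowlist. */
typedef struct {
  bool allowed[256];
} charset_t;

/* Build the table from a null-terminated list of permitted characters. */
void charset_init(charset_t *cs, const char *safe_chars) {
  memset(cs->allowed, 0, sizeof cs->allowed);
  for (const unsigned char *p = (const unsigned char *)safe_chars; *p; ++p) {
    cs->allowed[*p] = true;
  }
}

/* Index of the first byte outside the set, or len if every byte is allowed.
   The explicit length means an embedded '\0' is examined and rejected
   instead of silently ending the scan. */
size_t charset_first_invalid(const charset_t *cs, const char *s, size_t len) {
  for (size_t i = 0; i < len; ++i) {
    /* Cast first: plain char may be signed, and a negative index is a bug. */
    if (!cs->allowed[(unsigned char)s[i]]) {
      return i;
    }
  }
  return len;
}

/* Reject null arguments outright; accept only fully allowlisted input. */
bool charset_accepts(const charset_t *cs, const char *s, size_t len) {
  return cs != NULL && s != NULL && charset_first_invalid(cs, s, len) == len;
}

int main(void) {
  charset_t cs;
  charset_init(&cs, "abcdefghijklmnopqrstuvwxyz0123456789_-.");

  /* Constructed sample inputs. */
  const char *samples[] = { "report-2024.txt", "hello, world" };
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; ++i) {
    size_t len = strlen(samples[i]);
    size_t bad = charset_first_invalid(&cs, samples[i], len);
    printf("%-16s %s (first invalid index: %zu of %zu)\n", samples[i],
           bad == len ? "accepted" : "rejected", bad, len);
  }
  return 0;
}
```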

Compliant Solution

This compliant solution illustrates how the managed string library can be used to create a managed string and retrieve a null-terminated byte string from the managed string.

errno_t retValue;
char *cstr = NULL;  // C-style (null-terminated) string
string_m str1 = NULL;

// create the managed string from a string literal
if ((retValue = strcreate_m(&str1, "hello, world", 0, NULL)) != 0) {
  fprintf(stderr, "Error %d from strcreate_m.\n", retValue);
}
else { // print string
  if ((retValue = getstr_m(&cstr, str1)) != 0) {
    fprintf(stderr, "error %d from getstr_m.\n", retValue);
  }
  else { // cstr is valid only when getstr_m succeeded
    printf("(%s)\n", cstr);
    free(cstr); // free duplicate string
  }
}

Note that the calls to fprintf() and printf() are C99 standard functions and not managed string functions.

Priority: P6 Level: L1

String handling functions defined in C99 Section 7.21 and elsewhere are susceptible to common programming errors that can lead to serious, exploitable vulnerabilities. Managed strings, when used properly, can eliminate many of these errors--particularly in new development.

...