...
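```c
/* Compute j in its own statements; each ';' ends a full expression,
   which is a sequence point, before func() is called. */
j = i;
j++;
func(i, j);
```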
Priority: P8 Level: L2
Risk Assessment
Failure to properly null-terminate null-terminated byte strings can result in buffer overflows and can allow an attacker to execute arbitrary code with the permissions of the vulnerable process.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
EXP30-C | 2 (medium) | 2 (probable) | 2 (medium) | P8 | L2 |
References
- ISO/IEC 9899:1999 Section 5.1.2.3, "Program execution"
- ISO/IEC 9899:1999 Section 6.5, "Expressions"
- ISO/IEC 9899:1999 Annex C, "Sequence points"
- Summit 05 Questions 3.1, 3.2, 3.3, 3.3b, 3.7, 3.8, 3.9, 3.10a, 3.10b, 3.11