...
ISO/IEC TR 24731 functions are still capable of overflowing a buffer if the maximum length of the destination buffer and number of characters to copy are incorrectly specified. As a result, these functions are not especially secure but may be useful in preventive maintenance to reduce the likelihood of vulnerabilities in an existing legacy code base.
...
Risk Assessment
String handling functions defined in C99 Section 7.21 and elsewhere are susceptible to common programming errors that can lead to serious, exploitable vulnerabilities. Proper use of TR 24731 functions can eliminate the majority of these issues.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level | |
|---|---|---|---|---|---|---|
STR00-A | ||||||
Component | Value | |||||
Severity | 3 (medium) | Likelihood | 2 (probable) Remediation cost | 2 (medium) | P12 | L1 |
References
- ISO/IEC TR 24731-2006
- ISO/IEC 9899-1999 Section 7.21 String handling <string.h>
- Seacord 05a Chapter 2 Strings
- Seacord 05b