...
The emphasis of this rule is to avoid producing unterminated stringstrings; it does not address processing of already existing unterminated strings. However, by preventing the creation of unterminated strings, the need to process them is greatly lessened.
...
The standard strncpy() function does not guarantee that the resulting string is null-terminated [ISO/IEC 9899:2011]. If there is no null character in the first n characters of the source array, the result may not be null-terminated.
| Code Block | ||||
|---|---|---|---|---|
| ||||
char *source;
char a[NTBS_SIZE];
/* ... */
if (source) {
char* b = strncpy(a, source, 5); // b == a
}
else {
/* handleHandle NULLnull string condition */
}
|
Compliant Solution (strncpy_s())
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
char *source;
char a[NTBS_SIZE];
/* ... */
if (source) {
errno_t err = strncpy_s(a, sizeof(a), source, 5);
if (err != 0) {
/* Handle error */
}
}
else {
/* handleHandle NULLnull string condition */
}
|
Risk Assessment
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...
| String termination |
...
| [CMJ] | |
| ISO/IEC TR 24731-1:2007 | Section 6.7.1.4, "The strncpy_s function" |
...
...