...
| Function | Preferable | Comments |
|---|---|---|
| | | No error indication, undefined behavior on error |
| | | No error indication, undefined behavior on error |
| | | No error indication, undefined behavior on error |
| | | No error indication, undefined behavior on error |
| | | No error indication, silent failure on error |
| | | No error indication, silent failure on error |
| ctime | asctime/localtime | Undefined behavior if |
...
- Do not need to set errno on an error.
- Have undefined behavior if the value of the result cannot be represented. (See undefined behavior 119 of Annex J of the C Standard.)
- Return 0 if the string does not represent an integer (which is indistinguishable from a correctly formatted, zero-denoting input string), but the C Standard only specifies the behavior of these functions on success.
See also MSC24-C. Do not use deprecated or obsolescent functions.
Compliant Solution (strtol())
...
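```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char *argv[]) {
  long sl;
  int si;
  char *end_ptr;

  if (argc > 1) {
    errno = 0;  /* strtol() sets errno only on failure, so clear it first */
    sl = strtol(argv[1], &end_ptr, 10);

    /* Out-of-range input: result is clamped and errno is set */
    if ((sl == LONG_MIN || sl == LONG_MAX)
     && errno != 0)
    {
      perror("strtol error");
    }
    /* No characters were consumed, so no conversion took place */
    else if (end_ptr == argv[1]) {
      if (puts("error encountered during conversion") == EOF) {
        /* Handle error */
      }
    }
    /* Fits in a long but not in an int */
    else if (sl > INT_MAX) {
      printf("%ld too large!\n", sl);
    }
    else if (sl < INT_MIN) {
      printf("%ld too small!\n", sl);
    }
    /* Conversion stopped before the end of the string */
    else if ('\0' != *end_ptr) {
      if (puts("extra characters on input line\n") == EOF) {
        /* Handle error */
      }
    }
    else {
      si = (int)sl;
    }
  }
  return 0;
}
```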
...
Although it is rare for a violation of this rule to result in a security vulnerability, it can easily result in lost or misinterpreted data.
| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| ERR07-C | Medium | Probable | Medium | P8 | L2 |
Automated Detection
Violations of this rule cannot be detected in general, although various examples can be detected by simply scanning for calls to functions that have equivalent functions with better error handling.
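One way to do the scan described above, as an added example that is not part of the original page or of any analyzer it refers to: a small C scanner that reports calls to weakly reporting functions while ignoring comments, string literals and longer identifiers. The watch list is an assumption built from standard library functions (this copy of the table names only ctime), and `scan_source`, `WATCH` and `SAMPLE` are names chosen for the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed watch list: weakly reporting function -> preferable replacement. */
static const char *const WATCH[][2] = {
    {"atoi", "strtol"}, {"atol", "strtol"}, {"atoll", "strtoll"},
    {"atof", "strtod"}, {"rewind", "fseek"}, {"setbuf", "setvbuf"},
    {"ctime", "asctime/localtime"},
};
/* Constructed sample: two real calls, plus decoys in a comment, a string, a longer name. */
static const char SAMPLE[] =
    "int n = atoi(argv[1]); /* atoi(x) in a comment */\n"
    "puts(\"call rewind(fp) later\");\n"
    "rewind (fp); // setbuf(fp, buf)\n"
    "long v = my_atoi(s);\n";

/* Print each call to a watched function, skipping comments and literals; return the count. */
int scan_source(const char *src) {
    int line = 1, hits = 0;
    for (const char *p = src; *p; ) {
        if (p[0] == '/' && p[1] == '*') {                  /* block comment */
            for (p += 2; *p && !(p[0] == '*' && p[1] == '/'); p++)
                if (*p == '\n') line++;
            if (*p) p += 2;
        } else if (p[0] == '/' && p[1] == '/') {           /* line comment */
            while (*p && *p != '\n') p++;
        } else if (*p == '"' || *p == '\'') {              /* string or char literal */
            char quote = *p++;
            while (*p && *p != quote)
                p += (*p == '\\' && p[1]) ? 2 : 1;         /* step over escapes */
            if (*p) p++;
        } else if (isalpha((unsigned char)*p) || *p == '_') {
            const char *s = p, *q;
            while (isalnum((unsigned char)*p) || *p == '_') p++;
            size_t n = (size_t)(p - s);
            for (q = p; *q == ' ' || *q == '\t'; q++) {}   /* allow "name (" */
            for (size_t i = 0; *q == '(' && i < sizeof WATCH / sizeof WATCH[0]; i++)
                if (strlen(WATCH[i][0]) == n && memcmp(s, WATCH[i][0], n) == 0) {
                    printf("line %d: %s(), prefer %s\n", line, WATCH[i][0], WATCH[i][1]);
                    hits++;
                }
        } else if (*p++ == '\n') {                         /* any other character */
            line++;
        }
    }
    return hits;
}

int main(void) { return scan_source(SAMPLE) == 2 ? 0 : 1; }
```

A lexical scan like this does not see calls made through macros or function pointers, which is one reason the rule cannot be detected in general.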
...
| [Klein 2002] | "Bullet Proof Integer Input Using strtol()" |
...