Macros are frequently used in the remediation of existing code to globally replace one identifier with another, for example, when an existing API changes. While there is always some risk involved, this practice becomes particularly dangerous if a function name is replaced with the name of a deprecated or obsolescent function. Deprecated functions are defined by the C99 standard and Technical Corrigenda. Obsolescent functions are defined by rule MSC34-C. Do not use deprecated or obsolescent functions.

While compliance with rule MSC34-C. Do not use deprecated or obsolescent functions guarantees compliance with this recommendation, this recommendation emphasizes the extremely risky and deceptive practice of replacing functions with less secure alternatives.

...

Replacing secure functions with less secure functions is a very risky practice because developers can easily be fooled into trusting the function to perform a security check that is absent. This may be a concern, for example, as developers attempt to adopt more secure functions, like the ISO/IEC TR 24731-1 functions, that might not be available on all platforms. (See recommendation STR07-C. Use TR 24731 for remediation of existing string manipulation code.)
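The following is an added example, not code from the CERT standard itself. It contrasts the remediation pattern the two preceding paragraphs warn about (a macro that swaps the bounded vsnprintf for an unbounded replacement, shown only in a comment) with a remediation that keeps the bound: a wrapper that reports truncation instead of hiding it. The names bounded_format, fits_in and format_small are hypothetical.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * The risky remediation (shown in a comment only, never compiled in):
 * call sites keep compiling, but the size argument is discarded and
 * every caller that relied on the bound is now unbounded.
 *
 *     #define vsnprintf(buf, size, fmt, ap) vsprintf((buf), (fmt), (ap))
 *
 * The wrapper below goes the other way: it keeps the bound and makes
 * truncation an explicit, checkable result.
 */

/* Format into buf, enforcing its size. Returns the number of characters
 * written (excluding the terminator) on success; returns -1 and leaves
 * buf as an empty string if the output did not fit, on an encoding
 * error, or if buf/size/fmt are unusable. (hypothetical helper) */
int bounded_format(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (buf == NULL || size == 0 || fmt == NULL) {
        return -1;
    }
    va_start(ap, fmt);
    n = vsnprintf(buf, size, fmt, ap); /* bounded: writes at most size bytes */
    va_end(ap);

    if (n < 0 || (size_t)n >= size) {
        /* vsnprintf already NUL-terminated buf, but a silently truncated
         * string is exactly what fools callers; hand back an empty one. */
        buf[0] = '\0';
        return -1;
    }
    return n;
}

/* Does text fit in a buffer of the given size? (hypothetical helper;
 * the local buffer caps size at 64 for this demonstration) */
int fits_in(size_t size, const char *text)
{
    char buf[64];
    if (size > sizeof buf) {
        size = sizeof buf;
    }
    return bounded_format(buf, size, "%s", text) >= 0;
}

/* Format one string argument into a fixed 16-byte scratch buffer and
 * return it, so the truncation behaviour can be inspected. */
static char scratch[16];
const char *format_small(const char *fmt, const char *arg)
{
    (void)bounded_format(scratch, sizeof scratch, fmt, arg);
    return scratch;
}

int main(void)
{
    char small[8];
    if (bounded_format(small, sizeof small, "%s", "hello") >= 0) {
        printf("fits: \"%s\"\n", small);
    }
    if (bounded_format(small, sizeof small, "%s-%d", "hello", 1234) < 0) {
        printf("did not fit; buffer left as \"%s\"\n", small);
    }
    return 0;
}
```

A cheap review check for the commented-out pattern is `#ifdef vsnprintf` at the top of a translation unit: a macro with that name means someone has redefined a standard function. Treat a hit as a prompt to read the definition rather than as a hard error, because the C standard allows an implementation to provide any library function as a macro as well, so a legitimate toolchain can trigger it.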

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding Standard: PRE09-CPP. Do not replace secure functions with less secure functions

Bibliography

[MITRE 2007] CWE ID 684, "Failure to Provide Specified Functionality" (http://cwe.mitre.org/data/definitions/684.html)
[Open Group 2004] vsnprintf() (http://www.opengroup.org/onlinepubs/009695399/functions/vsnprintf.html)
[Seacord 2005a] Chapter 6, "Formatted Output"
[VU#654390]

...