...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
This rule appears in the C++ Secure Coding Standard as STR32-CPP. Null-terminate byte strings as required.
References
Wiki Markup |
---|
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.1.1, "Definitions of terms," Section 7.20.3.4 "The realloc function," and Section 7.21, "String handling <string.h>" \[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "CJM String Termination" \[[ISO/IEC TR 24731-1:2007|AA. C References#ISO/IEC TR 24731-1-2007]\] Section 6.7.1.4, "The strncpy_s function" \[[MITRE 07|AA. C References#MITRE 07]\] [CWE ID 119|http://cwe.mitre.org/data/definitions/119.html], "Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer," [CWE ID 170|http://cwe.mitre.org/data/definitions/170.html], "Improper Null Termination" \[[Schwarz 05|AA. C References#Schwarz 05]\] \[[Seacord 05a|AA. C References#Seacord 05]\] Chapter 2, "Strings" \[[Viega 05|AA. C References#Viega 05]\] Section 5.2.14, "Miscalculated NULL termination" |
...