...
The managed string library also provides a mechanism for dealing with data sanitization by (optionally) checking that all characters in a string belong to a predefined set of "safe" characters.
Compliant Solution
This compliant solution illustrates how the managed string library can be used to create a managed string and retrieve a null-terminated byte string from the managed string.
...
Note that the calls to fprintf() and printf() are C99 standard functions and not managed string functions.
Risk Assessment
String handling functions defined in C99 Section 7.21 and elsewhere are susceptible to common programming errors that can lead to serious, exploitable vulnerabilities. Managed strings, when used properly, can eliminate many of these errors--particularly in new development.
...
Examples of vulnerabilities resulting from the violation of this recommendation can be found on the CERT website.
References
| Wiki Markup |
|---|
\[[Burch 06|AA. C References#Seacord 06]\] \[[CERT 06|AA. C References#CERT 06]\] \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.21, "String handling <string.h>" \[[Seacord 05a|AA. C References#Seacord 05a]\] Chapter 2, "Strings" |