SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 29

changes.mady.by.user Pamela Curtis

Saved on

compared with

New Version 30

changes.mady.by.user Ed Desautels

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
errno_t retValue;
char *cstr;  /* pointer to null-terminated byte string */
string_m str1 = NULL;

retValue = strcreate_m(&str1, "hello, world", 0, NULL);
if (retValue == NULL)) {
  fprintf(stderr, "Error %d from strcreate_m.\n", retValue);
}
else { /* retrieve null-terminated byte string and print */
  retValue = getstr_m(&cstr, str1);
  if (retValue == NULL) {
    fprintf(stderr, "error %d from getstr_m.\n", retValue);
  }
  printf("(%s)\n", cstr);
  free(cstr); /* free null-terminated byte string */
}

Wiki Markup
Note that the calls to {{fprintf()}} and {{printf()}} are C99 \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] standard functions and not managed string functions.

The forthcoming technical report ISO/IEC TR 24731 Part II will also provide an API that dynamically allocates the results of string functions as needed.

Risk Assessment

Wiki Markup
String handling functions defined in C99 \[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.21 and elsewhere are susceptible to common programming errors that can lead to serious, exploitable [vulnerabilities|BB. Definitions#vulnerability]. Managed strings, when used properly, can eliminate many of these errors, particularly in new development.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

STR01-A

3 (high)

2 (probable)

1 (high)

P6

L2

...