Comment: Migrated to Confluence 4.0

...

Noncompliant Code Example

Data sanitization requires an understanding of the data being passed and the capabilities of the subsystem. John Viega and Matt Messier provide an example of an application that reads an email address into a buffer and then uses this string as an argument in a call to system() [Viega 2003]:

```c
/* Noncompliant: addr comes from an untrusted source and is placed,
 * unsanitized, into a command line that the shell will interpret. */
sprintf(buffer, "/bin/mail %s < /tmp/email", addr);
system(buffer);
```

...

Noncompliant Code Example

This noncompliant code example is taken from [VU#881872], a vulnerability in the Sun Solaris TELNET daemon (in.telnetd) that allows a remote attacker to log on to the system with elevated privileges.

The vulnerable in.telnetd invokes the login program by calling execl(). This call passes unsanitized data from an untrusted source (the USER environment variable) as an argument to the login program.
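As an added example (not code from the original page or from Viega and Messier), the following shows the kind of allowlist check that keeps untrusted data from reaching system() in the mail example above; the same check applies to the USER value that in.telnetd handed to login. The allowlist contents and the names ok_chars, addr_is_safe and build_mail_command are assumptions made for this illustration.

```c
/* Added example: validate a string against an allowlist before it is used
 * to build a command line for a complex subsystem such as system(). */
#include <stdio.h>
#include <stdbool.h>
#include <string.h>

/* Assumed allowlist for an e-mail address: letters, digits and a few
 * punctuation marks that carry no special meaning to /bin/sh. */
static const char ok_chars[] =
    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "0123456789_-.@";

/* Returns true only if addr is non-empty, no longer than max_len, and
 * made up entirely of bytes from ok_chars. */
bool addr_is_safe(const char *addr, size_t max_len)
{
    size_t len = strlen(addr);
    if (len == 0 || len > max_len) {
        return false;
    }
    /* strspn returns the length of the leading run of allowed bytes;
     * it equals len only when no disallowed byte appears anywhere. */
    return strspn(addr, ok_chars) == len;
}

/* Builds the mail command into buffer only after addr passes validation.
 * Returns 0 on success, -1 if addr was rejected or would not fit; on
 * failure buffer is left empty so it cannot be passed on by mistake. */
int build_mail_command(char *buffer, size_t bufsize, const char *addr)
{
    /* Space needed for "/bin/mail " + addr + " < /tmp/email" + NUL. */
    const size_t overhead = sizeof("/bin/mail ") - 1 + sizeof(" < /tmp/email");
    if (bufsize < overhead || !addr_is_safe(addr, bufsize - overhead)) {
        buffer[0] = '\0';
        return -1;
    }
    snprintf(buffer, bufsize, "/bin/mail %s < /tmp/email", addr);
    return 0;
}
```

The caller decides whether to run the command; the point of the split is that no string reaches system() unless it was built by this function from validated input.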

...

Tool        | Version                          | Checker                            | Description
------------|----------------------------------|------------------------------------|------------
Fortify SCA | V. 5.0                           |                                    |
Klocwork    | (included page Klocwork_V)       | NNTS.TAINTED, SV.TAINTED.INJECTION |

...

ISO/IEC 9899:1999 Section 7.20.4.6, "The system function"

Bibliography

[Viega 2003]

...
