...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
| Wiki Markup |
|---|
1.) [CVE-2009-1252|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1252] results from a violation of this rule: the Network Time Protocol (NTPd), before versions |
4.2.4p7 and 4.2.5p74 |
, contains calls to sprintf that allow execution of arbitrary code by overflowing a character array \[[xorl 2009]\]. |
Other Languages
This rule appears in the C++ Secure Coding Standard as STR31-CPP. Guarantee that storage for character arrays has sufficient space for character data and the null terminator.
...
| Wiki Markup |
|---|
\[[Dowd 06|AA. C References#Dowd 06]\] Chapter 7, "Program Building Blocks" (Loop Constructs 327-336)
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.1.1, "Definitions of terms," Section 7.21, "String handling <string.h>," Section 5.1.2.2.1, "Program startup," and Section 7.20.4.5, "The getenv function"
\[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "CJM String Termination," "XYW Buffer Overflow in Stack", and "XYB Buffer Overflow in Heap"
\[[MITRE 07|AA. C References#MITRE 07]\] [CWE ID 119|http://cwe.mitre.org/data/definitions/119.html], "Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer," [CWE ID 193|http://cwe.mitre.org/data/definitions/193.html], "Off-by-one Error"
\[[Seacord 05a|AA. C References#Seacord 05]\] Chapter 2, "Strings"
\[[xorl 2009|AA. C References#xorl 2009]\] FreeBSD-SA-09:11: NTPd Remote Stack Based Buffer Overflows |
...
07. Characters and Strings (STR) STR32-C. Null-terminate byte strings as required