...
| Code Block | ||
|---|---|---|
| ||
mytypedef_t x;
printf("%lu%llu", x);
|
Compliant Solution (printf())
This compliant solution uses the correct format for the type being usedguarantees that the correct value of x is printed, regardless of its length, provided that mytypedef_t is an unsigned type.
| Code Block | ||
|---|---|---|
| ||
mytypedef_t x;
printf("%ju", (uintmax_t)x);
|
Non-Compliant Code Example (scanf())
There is no guarantee that this This non-compliant code example prints the correct value of xwill result in a "buffer overflow", if the size of mytypedef_t is smaller than unsigned long long or it may result in an incorrect value if the size of mytypedef_t is larger than unsigned long long.
| Code Block | ||
|---|---|---|
| ||
mytypedef_t x;
scanf("%lu%llu", &x);
|
Compliant Solution (scanf())
This compliant solution uses the correct format for the type being usedguarantees that a correct value in the range of mytypedef_t is read, or an error condition is detected.
| Code Block | ||
|---|---|---|
| ||
mytypedef_t x;
uintmax_t temp;
scanf("%ju", &temp);
if (temp > MYTYPEDEF_MAX) {
/* handle error */
}
x = temp;
|
Risk Assessment
Failure to use an appropriate conversion specifier when inputting or outputting user-defined integer types can result in buffer overflow and lost or misinterpreted data.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
INT15-A | low | unlikely likely | high medium | P1 P6 | L3 L2 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...