SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 42

changes.mady.by.user Justin Pincar

Saved on

compared with

New Version 43

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider v2.1 (sch jbop) (X_X)@==(Q_Q)@

...

The semantics of strcpy_s() are also similar to the semantics of strcpy(). When there are no input validation errors, the strcpy_s() function copies characters from a source string to a destination character array up to and including the terminating NULL null character. The function returns zero on success.

...

When a runtime-constraint violation is detected, the destination string is set to the NULL string (as long as it is not a NULL null pointer and the maximum length of the destination buffer is greater than zero and not greater than RSIZE_MAX) and the function returns a nonzero value. In the following example, the strcpy_s() function is used to copy src1 to dst1.

...

Wiki Markup
However, the call to copy {{src2}} to {{dst2}} fails because there is insufficient space available to copy the entire string, which consists of eight characters, to the destination buffer. As a result, {{r2}} is assigned a nonzero value and {{dst2\[0\]}} is set to the NULLnull character.

Users of the ISO/IEC TR 24731-1 functions are less likely to introduce a security flaw because the size of the destination buffer and the maximum number of characters to append must be specified.  ISO/IEC TR 24731 Part II (24731-2, in progress) will offer another approach, supplying functions that allocate enough memory for their results.  ISO/IEC TR 24731 functions also ensure NULL termination of the destination string.

...

The following non-compliant code overflows its buffer if msg is too long, and has undefined behavior if msg is a NULL null pointer.

Code Block
bgColor#FFCCCC
void complain(char const *msg) {
  static char const prefix[] = "Error: ";
  static char const suffix[] = "\n";
  char buf[BUFSIZ];

  strcpy(buf, prefix);
  strcat(buf, msg);
  strcat(buf, suffix);
  fputs(buf, stderr);
}

...

Wiki Markup
\[[ISO/IEC TR 24731-1-:2007|AA. C References#ISO/IEC TR 24731-1-2007]\]
\[[ISO/IEC 9899-:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.21, "String handling <string.h>"
\[[Seacord 05a|AA. C References#Seacord 05a]\] Chapter 2, "Strings"
\[[Seacord 05b|AA. C References#Seacord 05b]\]

...