...
Compass/ROSE can detect violations of the rule. However, it is unable to handle cases involving strcpy_s() or manual string copies such as the one in the first example.
Klocwork Version 8.0.4.16 can detect violations of this rule with the NNTS, SV.STRBO.BOUND_COPY, SV.STRBO.BOUND_SPRINTF, SV.STRBO.UNBOUND_COPY, SV.STRBO.UNBOUND_SPRINTF, and SV.USAGERULES.UNBOUNDED_STRING_COPY checkers. See Klocwork Cross Reference.
Related Vulnerabilities
CVE-2009-1252 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1252) results from a violation of this rule. The Network Time Protocol (NTPd), before versions 4.2.4p7 and 4.2.5p74, contained calls to sprintf that allow an attacker to execute arbitrary code by overflowing a character array [xorl 2009, http://xorl.wordpress.com/2009/06/10/freebsd-sa-0911-ntpd-remote-stack-based-buffer-overflows/].
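The defect class behind this CVE, an unbounded sprintf() into a fixed-size character array, is shown here beside a bounded form that also detects truncation. This is an added illustration, not NTPd's code; the buffer size, function names and sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>

enum { REPLY_MAX = 32 };   /* constructed buffer size, not taken from NTPd */

/* Noncompliant: sprintf() writes as many bytes as the arguments need.
 * If name and value together exceed REPLY_MAX - 2 characters, the write
 * runs past the end of the caller's REPLY_MAX-byte buffer. */
void format_unbounded(char *out, const char *name, const char *value)
{
    sprintf(out, "%s=%s", name, value);
}

/* Compliant: snprintf() writes at most REPLY_MAX bytes (terminator
 * included) and returns the length the full string would have needed,
 * so the caller can tell a complete result from a truncated one.
 * Returns 0 on success, -1 on an encoding error, -2 if the data
 * does not fit. On failure the buffer holds an empty string. */
int format_bounded(char *out, const char *name, const char *value)
{
    int n = snprintf(out, REPLY_MAX, "%s=%s", name, value);

    if (n < 0) {
        out[0] = '\0';
        return -1;
    }
    if (n >= REPLY_MAX) {
        out[0] = '\0';     /* reject rather than pass on a truncated string */
        return -2;
    }
    return 0;
}

int main(void)
{
    char buf[REPLY_MAX];
    char oversized[200];   /* constructed input longer than the buffer */

    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    printf("short input:     rc=%d buf=\"%s\"\n",
           format_bounded(buf, "peer", "10.0.0.1"), buf);
    printf("oversized input: rc=%d buf=\"%s\"\n",
           format_bounded(buf, "peer", oversized), buf);
    return 0;
}
```

Checking the snprintf() return value matters as much as the size argument: a silently truncated string is memory-safe but can still be wrong data for whatever consumes it.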
...