SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 137

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 138

changes.mady.by.user Unknown User (lflynn)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

ISO/IEC TR 24772:2013String Termination [CMJ]Prior to 2018-01-12: CERT: Unspecified Relationship
ISO/IEC TS 17961:2013Passing a non-null-terminated character sequence to a library function that expects a string [strmod]Prior to 2018-01-12: CERT: Unspecified Relationship
CWE 2.11MITRE CWECWE-119, Improper Restriction of Operations within the Bounds of a Memory Buffer2017-05-18: CERT: Rule subset of CWE
CWE 2.11CWE-123, Write-what-where Condition2017-06-12: CERT: Partial overlap
CWE 2.11CWE-125, Out-of-bounds Read2017-05-18: CERT: Rule subset of CWE
CWE 2.11CWE-170, Improper Null Termination2017-06-13: CERT: Exact

CERT-CWE Mapping Notes

Key here for mapping notes

CWE-119 and STR32-C

Independent( ARR30-C, ARR38-C, ARR32-C, INT30-C, INT31-C, EXP39-C, EXP33-C, FIO37-C) STR31-C = Subset( Union( ARR30-C, ARR38-C)) STR32-C = Subset( ARR38-C)

CWE-119 = Union( STR32-C, list) where list =

  • Out-of-bounds reads or writes that do not involve non-null-terminated byte strings.

CWE-125 and STR32-C

Independent( ARR30-C, ARR38-C, EXP39-C, INT30-C) STR31-C = Subset( Union( ARR30-C, ARR38-C)) STR32-C = Subset( ARR38-C)

CWE-125 = Union( STR32-C, list) where list =

  • Out-of-bounds reads that do not involve non-null-terminated byte strings.

CWE-123 and STR32-C

Independent(ARR30-C, ARR38-C) STR31-C = Subset( Union( ARR30-C, ARR38-C)) STR32-C = Subset( ARR38-C)

Intersection( CWE-123, STR32-C) =

  • Buffer overflow from passing a non-null-terminated byte string to a standard C library copying function that expects null termination, and that overwrites an (unrelated) pointer

STR32-C - CWE-123 =

  • Buffer overflow from passing a non-null-terminated byte string to a standard C library copying function that expects null termination, but it does not overwrite an (unrelated) pointer

CWE-123 – STR31-C =

  • Arbitrary writes that do not involve standard C library copying functions, such as strcpy()

Bibliography

[Seacord 2013] Chapter 2, "Strings" 
[Viega 2005]Section 5.2.14, "Miscalculated NULL Termination"

...