...
A good example is the null-terminated byte string type in C. If a string lacks the terminating null character, the program may be tricked into accessing storage after the string as legitimate data. A program may, as a result, process a string it should not process, which might be a security flaw in itself. It may also cause the program to abort, which might be a denial-of-service attack.
The emphasis of this rule recommendation is to avoid producing unterminated strings; it does not address processing of already existing unterminated strings. However, by preventing the creation of unterminated strings, the need to process them is greatly lessened.
...
Code Block | ||||
---|---|---|---|---|
| ||||
char *source; char a[NTBS_SIZE]; /* ... */ if (source) { char* b = strncpy(a, source, 5); // b == a } else { /* Handle null string condition */ } |
Compliant Solution (strncpy_s()
, C11 Annex K)
The C11 Annex K strncpy_s()
function copies up to n
characters from the source array to a destination array [TR 24731]. If no null character was copied from the source array, the n
th position in the destination array is set to a null character, guaranteeing that the resulting string is null-terminated.
...
Failure to enforce type safety can result in type errors in the program.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
API07-C |
Medium |
Unlikely |
Medium | P4 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
CodeSonar |
| LANG.CAST.VALUE LANG.CAST.COERCE ALLOC.TM | Cast alters value |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
---|---|---|
ISO/IEC TR 24772:2013 | String |
Termination [ |
strncpy_s
function"CJM] | Prior to 2018-01-12: CERT: Unspecified Relationship | |
MITRE CWE | CWE-192 | Prior to 2018-01-12: |
MITRE CWE | CWE-227 | Prior to 2018-01-12: |
MITRE CWE | CWE-590 | Prior to 2018-01-12: |
MITRE CWE | CWE-686 | Prior to 2018-01-12: |
MITRE CWE | CWE-704 | Prior to 2018-01-12: |
MITRE CWE | CWE-761 | Prior to 2018-01-12: |
MITRE CWE | CWE-762 | Prior to 2018-01-12: |
MITRE CWE | CWE-843 | Prior to 2018-01-12: |
...