SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 25

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version Current

changes.mady.by.user Will Snavely

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note
titleDeprecated

This guideline has been deprecated.  It has been superseded by:

11/05/2014 -- Version 2.0

 

When a guideline has been deprecated, it will remain available until the next major release at which point it will be moved to

The managed string library described in Specifications for Managed Strings [Burch 2006] was developed in response to the need for a string library that could improve the quality and security of newly developed C language code while eliminating obstacles to widespread adoption and possible standardization.

...

The managed string library also provides a mechanism for dealing with data sanitization by (optionally) checking that all characters in a string belong to a predefined set of safe characters.

The following code shows how the managed string library can be used to create a managed string and retrieve a null-terminated byte string from the managed string.:

Code Block
errno_t retValue;
char *cstr;  /* pointerPointer to null-terminated byte string */
string_mx *str1 = NULL;

retValue = strcreate_m(&str1, "hello, world", 0, NULL);
if (retValue != 0) {
  fprintf(stderr, "Error %d from strcreate_m.\n", retValue);
}
else { /* retrieveRetrieve null-terminated byte string and print */
  retValue = getstr_m(&cstr, str1);
  if (retValue != 0) {
    fprintf(stderr, "error %d from getstr_m.\n", retValue);
  }
  printf("(%s)\n", cstr);
  free(cstr); /* freeFree null-terminated byte string */
  cstr = NULL;
}

Note that the calls to fprintf() and printf() are C standard functions [ISO/IEC 9899:2011] standard Standard functions and not managed string functions.

The technical report ISO/IEC TR 24731-2 [ISO/IEC TR 24731-2:2010] also provides an API that dynamically allocates the results of string functions as needed.

...

String-handling functions defined in the C standardStandard, section subclause 7.24 [ISO/IEC 9899:2011]24, and elsewhere are susceptible to common programming errors that can lead to serious, exploitable vulnerabilities. Managed strings, when used properly, can eliminate many of these errors, particularly in new development.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

STR08-C

highHigh

probableProbable

highHigh

P6

L2

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

ISO/IEC 9899:2011 Section 7.24, "String handling <string.h>"

Bibliography

[Burch 2006] 
[CERT 2006c] 
[Seacord

...

2013]Chapter 2, "Strings"

 

...

Image Modified Image Modified Image Modified