...
Failing to properly null-terminate the result of readlink() can result in abnormal program termination and buffer-overflow vulnerabilities.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
POS30-C | high | probable | medium | P12 | L1 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| Supported: Can be checked with appropriate analysis stubs. | |||||||
| Axivion Bauhaus Suite |
| CertC-POS30 | |||||||
| CodeSonar |
| LANG.MEM.BO | Buffer Overrun | ||||||
| Compass/ROSE |
| Coverity |
| READLINK | Implemented | ||||||
| Helix QAC |
| C5033 | |||||||
| Klocwork |
| ABV.GENERAL | |||||||
| Parasoft C/C++test |
| CERT_C-POS30-a | Avoid overflow due to reading a not zero terminated string | |||||||
| CERT C: Rule POS30-C | Checks for misuse of readlink() (rule partially covered) |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CWE 2.11 |
| CWE-170, Improper null termination | 2017-06-13: CERT: Rule subset of CWE |
CERT-CWE Mapping Notes
Key here for mapping notes
CWE-170 and POS30-C
CWE-170 = Union( POS30-C, list) where list =
- Non-null terminated strings fed to functions other than POSIX readlink()
Bibliography
...
...