You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 25 Next »

Null-terminated byte strings are, by definition, null-terminated. String operations cannot determine the length or end of strings that are not properly null-terminated, which can consequently result in buffer overflows and other undefined behavior.

Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.

Exception

An exception to this rule applies if the intent of the programmer is to convert a null-terminated byte string to a character array.  To be compliant with this standard, this intent must be clearly stated in comments.

Risk Assessment

Failure to properly null terminate null-terminated byte strings can result in buffer overflows and the execution of arbitrary code with the permissions of the vulnerable process by an attacker.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR32-C

3 (high)

2 (probable)

2 (medium)

P12

L1

Examples of vulnerabilities resulting from the violation of this rule can be found on the CERT website.

References

[[ISO/IEC 9899-1999]] Section 7.1.1, "Definitions of terms," and Section 7.21, "String handling <string.h>"
[[Seacord 05]] Chapter 2, "Strings"
[[ISO/IEC TR 24731-2006]] Section 6.7.1.4, "The strncpy_s function"
[[Viega 05]] Section 5.2.14, "Miscalculated null termination"

  • No labels