MSC34-C. Do not use deprecated or obsolescent functions

Do not use deprecated or obsolescent functions when more secure equivalent functions are available.
Deprecated functions are defined by the C99 standard and Technical Corrigenda. Obsolescent functions are defined by this guideline.

Deprecated Functions

The gets function was deprecated by Technical Corrigendum 3.

Obsolescent Functions

The following functions are obsolescent and should be avoided in favor of either the portable equivalent or, if available, the more secure alternatives defined in [ISO/IEC TR 24731-1] Extensions to the C Library, — Part I: Bounds-checking interfaces, and [ISO/IEC TR 24731-2] Extensions to the C Library, — Part II: Dynamic Allocation Functions. [xxxx add the Part II functions in the list below] (Several of the "Portable Equivalent" entries are specified in the POSIX standard.)

Function	Portable Equivalent	Secure Alternative
`asctime`		`asctime_s`
`atof`	`strtod`
`atoi`	`strtol`
`atol`	`strtol`
`atoll`	`strtoll`
`bsearch`		`bsearch_s`
`ctime`		`ctime_s`
`fopen`	`fmemopen, open_memstream`	`fopen_s`
`fopen`	`open_wmemstream`
`fprintf`		`fprintf_s`
`freopen`		`freopen_s`
`fscanf`	`getdelim,getline`	`fscanf_s`
`fwprintf`		`fwprintf_s`
`fwscanf`	`getwdelim,getwline`	`fwscanf_s`
`getenv`		`getenv_s`
`gmtime`		`gmtime_s`
`localtime`		`localtime_s`
`mbsrtowcs`		`mbsrtowcs_s`
`mbstowcs`		`mbstowcs_s`
`memcpy`		`memcpy_s`
`memmove`		`memmove_s`
`printf`		`printf_s`
`qsort`		`qsort_s`
`remove`
`rename`
`rewind`	`fseek`
`setbuf`	`vsetbuf`
`snprintf`		`snprintf_s`
`sprintf`	`asprintf`	`sprintf_s`
`sscanf`		`sscanf_s`
`strcat`		`strcat_s`
`strcpy`	`stpcpy,strdup`	`strcpy_s`
`strerror`	`strerror_r`	`strerror_s`
`strncat`		`strncat_s`
`strncpy`	`stpncpy,strndup`	`strncpy_s`
`strtok`	`strtok_r`	`strtok_s`
`swprintf`	`aswprintf`	`swprintf_s`
`swscanf`		`swscanf_s`
`tmpfile`	`mkstemp`	`tmpfile_s`
`tmpfile_s`	`mkstemp`
`tmpnam`	`mkstemp`	`tmpnam_s`
`vfprintf`		`vfprintf_s`
`vfscanf`		`vfscanf_s`
`vfwprintf`		`vfwprintf_s`
`vfwscanf`		`vfwscanf_s`
`vprintf`		`vprintf_s`
`vscanf`		`vscanf_s`
`vsnprintf`		`vsnprintf_s`
`vsprintf`	`vasprintf`	`vsprintf_s`
`vsscanf`		`vsscanf_s`
`vswprintf`	`vaswprintf`	`vswprintf_s`
`vswscanf`		`vswscanf_s`
`vwprintf`		`vwprintf_s`
`vwscanf`		`vwscanf_s`
`wcrtomb`		`wcrtomb_s`
`wcscat`		`wcscat_s`
`wcscpy`		`wcscpy_s`
`wcsncat`		`wcsncat_s`
`wcsncpy`		`wcsncpy_s`
`wcsrtombs`		`wcsrtombs_s`
`wcstok`		`wcstok_s`
`wcstombs`		`wcstombs_s`
`wctomb`		`wctomb_s`
`wmemcpy`		`wmemcpy_s`
`wmemmove`		`wmemmove_r`
`wprintf`		`wprintf_s`
`wscanf`		`wscanf_s`

Noncompliant Code Example

In this noncompliant code example, strcat() and strcpy() are used.

enum { BUFFERSIZE=256 };

void complain(const char *msg) {
  static const char prefix[] = "Error: ";
  static const char suffix[] = "\n";
  char buf[BUFFERSIZE];

  strcpy(buf, prefix);
  strcat(buf, msg);
  strcat(buf, suffix);
  fputs(buf, stderr);
}

Compliant Solution

In this compliant solution, strcat() and strcpy() are replaced by strcat_s() and strcpy_s().

enum { BUFFERSIZE=256 };

void complain(const char *msg) {
  static const char prefix[] = "Error: ";
  static const char suffix[] = "\n";
  char buf[BUFFERSIZE];

  strcpy_s(buf, BUFFERSIZE, prefix);
  strcat_s(buf, BUFFERSIZE, msg);
  strcat_s(buf, BUFFERSIZE, suffix);
  fputs(buf, stderr);
}