 
Incorrectly using the sizeof operator to determine the size of an array can result in a buffer overflow, allowing the execution of arbitrary code.
| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level | 
|---|---|---|---|---|---|
| ARR01-C | High | Probable | Low | P18 | L1 | 
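The following is an added example, not code from the CERT page, showing the misuse behind this risk next to a corrected form. The names `ARRAY_LEN`, `clear_wrong`, `clear_right` and `leftover` are illustrative assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Element count; valid only where 'a' is still a real array, not a parameter. */
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Defective: a parameter written 'int array[]' is adjusted to 'int *array',
 * so sizeof(array) is the size of a pointer, not of the caller's array.
 * If the caller's array were smaller than a pointer, this memset would
 * write past its end; for a larger array it clears too little. */
static size_t clear_wrong(int *array)
{
    size_t nbytes = sizeof(array);      /* sizeof(int *), commonly 4 or 8 */
    memset(array, 0, nbytes);
    return nbytes;
}

/* Corrected: the caller, which still sees the array type, passes the length. */
static void clear_right(int *array, size_t len)
{
    memset(array, 0, len * sizeof(array[0]));
}

/* Fills a 12-element array with 1s, clears it with the chosen function,
 * and returns how many elements are still non-zero afterwards. */
static size_t leftover(int use_wrong)
{
    int table[12];
    size_t i, dirty = 0;

    for (i = 0; i < ARRAY_LEN(table); i++)
        table[i] = 1;
    if (use_wrong)
        clear_wrong(table);
    else
        clear_right(table, ARRAY_LEN(table));
    for (i = 0; i < ARRAY_LEN(table); i++)
        dirty += (table[i] != 0);
    return dirty;
}

int main(void)
{
    printf("wrong: %zu of 12 elements left uncleared\n", leftover(1));
    printf("right: %zu of 12 elements left uncleared\n", leftover(0));
    return 0;
}
```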
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Compass/ROSE | | | Can detect violations of the recommendation but cannot distinguish between incomplete array declarations and pointer declarations |
| Klocwork | | CWARN.MEMSET.SIZEOF.PTR | Fully implemented |
| LDRA tool suite | | 401 S | Fully implemented |
| Parasoft C/C++test | | PB-32 | Fully implemented |
| Polyspace Bug Finder | R2016a | Possible misuse of sizeof | Use of |
| Splint | | | |
| PVS-Studio | 6.22 | V511, V512, V514, V568, V579, V604, V697 | General analysis rule set |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
| Taxonomy | Taxonomy item | Relationship | 
|---|---|---|
| CERT C | CTR01-CPP. Do not apply the sizeof operator to a pointer when taking the size of an array | Prior to 2018-01-12: CERT: Unspecified Relationship | 
| CWE 2.11 | CWE-467, Use of sizeof() on a pointer type | Prior to 2018-01-12: CERT: | 
| ISO/IEC TS 17961 | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] | Prior to 2018-01-12: CERT: Unspecified Relationship | 
| MITRE CWE | CWE-569 | Prior to 2018-01-12: | 
| MITRE CWE | CWE-783 | Prior to 2018-01-12: | 
Bibliography
| [Drepper 2006] | Section 2.1.1, "Respecting Memory Bounds" | 
| [ISO/IEC 9899:2011] | Subclause 6.5.3.4, "The sizeof and _Alignof Operators" |