...
This rule is a generalization of guideline STR37-C. Arguments to character handling functions must be representable as an unsigned char.
...
This solution, however, is in violation of guideline STR04-C. Use plain char for characters in the basic character set.
...
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| STR34-C | medium | probable | medium | P8 | L2 |
Automated Detection
...
| Tool | Version | Checker | Description |
|---|---|---|---|
...
...
...
...
Related Vulnerabilities
[CVE-2009-0887](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0887) results from a violation of this rule. In Linux PAM (up to version 1.0.3), the `libpam` implementation of `strtok` casts a (potentially signed) character to an integer, for use as an index to an array. An attacker can exploit this by inputting a string with non-ASCII characters, causing the cast to result in a negative index and accessing memory outside of the array [[xorl 2009](http://xorl.wordpress.com/2009/03/26/cve-2009-0887-linux-pam-singedness-issue/)].
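The following is an added example, not code from this page or from Linux-PAM, showing the conversion pattern the CVE description attributes to `libpam`'s `strtok` beside the STR34-C-compliant form. The lookup table, the `index_*` helper names and the input string are constructed for illustration; the point is that on an implementation where plain `char` is signed, a byte above 0x7F converted directly to `int` yields a negative value, while a cast through `unsigned char` always yields a value in `0..UCHAR_MAX` that can safely index a 256-entry table.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed table size: one entry per possible byte value. */
#define TABLE_SIZE (UCHAR_MAX + 1)

/* Noncompliant: the char is converted straight to int. Where char is
   signed (CHAR_MIN < 0), bytes >= 0x80 sign-extend to negative values,
   which is the negative-index failure described for CVE-2009-0887. */
int index_noncompliant(char c) {
    return (int)c;
}

/* Compliant with STR34-C: cast to unsigned char first, so the result
   is always in 0..UCHAR_MAX and is a valid index into a TABLE_SIZE table. */
int index_compliant(char c) {
    return (int)(unsigned char)c;
}

/* Bounds check a caller should apply before indexing a TABLE_SIZE table. */
int index_in_bounds(int idx) {
    return idx >= 0 && idx < TABLE_SIZE;
}

/* Histogram of the bytes in s, indexed only through the compliant
   conversion. Returns the number of bytes counted. */
size_t count_bytes(const char *s, unsigned counts[TABLE_SIZE]) {
    size_t n = 0;
    for (size_t i = 0; i < TABLE_SIZE; i++) {
        counts[i] = 0;
    }
    for (; *s != '\0'; s++) {
        counts[index_compliant(*s)]++;
        n++;
    }
    return n;
}

int main(void) {
    /* Constructed input: "caf" followed by the non-ASCII byte 0xE9. */
    const char sample[] = "caf\xe9";
    char last = sample[3];
    int bad = index_noncompliant(last);
    int good = index_compliant(last);
    printf("char is %s on this implementation\n", CHAR_MIN < 0 ? "signed" : "unsigned");
    printf("noncompliant index: %d (in bounds: %d)\n", bad, index_in_bounds(bad));
    printf("compliant index:    %d (in bounds: %d)\n", good, index_in_bounds(good));
    return 0;
}
```

On an implementation with signed `char` the noncompliant index for byte 0xE9 is -23 and fails the bounds check; the compliant index is 233 on every implementation.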
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
This rule appears in the C++ Secure Coding Standard as STR34-CPP. Cast characters to unsigned types before converting to larger integer sizes.
Bibliography
[ISO/IEC 9899:1999] Section 6.2.5, "Types"
[MISRA 04] Rule 6.1, "The plain char type shall be used only for the storage and use of character values."
[MITRE 07] [CWE ID 704](http://cwe.mitre.org/data/definitions/704.html), "Incorrect Type Conversion or Cast"
[xorl 2009] ["CVE-2009-0887: Linux-PAM Singedness Issue"](http://xorl.wordpress.com/2009/03/26/cve-2009-0887-linux-pam-singedness-issue/)
...