SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 54

changes.mady.by.user Will Snavely

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The C Standard, 7.2729.3.1 [ISO/IEC 9899:20112024], provides the following sample implementation of the asctime() function:

...

These functions are included only for compatibility with older implementations. They have undefined behavior if the resulting string would be too long, so the use of these functions should be discouraged. On implementations that do not detect output string length overflow, it is possible to overflow the output buffers in such a way as to cause applications to fail, or possible system security violations. Also, these functions do not support localized date and time formats. To avoid these problems, applications should use strftime() to generate strings from broken-down times.

The C Standard, Annex K, also defines asctime_s(), which can be used as a secure substitute for asctime().

The asctime() The asctime() function appears in the list of obsolescent functions in MSC24-C. Do not use deprecated or obsolescent functions.

...

This call has the same effects as asctime() but also ensures that no more than maxsize characters are printed, preventing buffer overflow.

Compliant Solution (asctime_s())

The C Standard, Annex K, defines the asctime_s() function, which serves as a close replacement for the asctime() function but requires an additional argument that specifies the maximum size of the resulting time string:

...

bgColor#ccccff
langc

...

Risk Assessment

On implementations that do not detect output-string-length overflow, it is possible to overflow the output buffers.

Rule

Severity

Likelihood

Detectable

Remediation Cost

Repairable

Priority

Level

MSC33-C

High

Likely

No

Low

No

P27

P9

L1

L2

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported, but no explicit checker
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-MSC33
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BADFUNC.TIME_H

Use of <time.h> Time/Date Function

Cppcheck Premium

Include Page
Cppcheck Premium_V
Cppcheck Premium_V

premium-cert-msc33-c
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C5032

C++5030


Klocwork
Include Page
Klocwork_V
Klocwork_V

CERT.MSC.ASCTIME


LDRA tool suite
Include Page
LDRA_V
LDRA_V
44 SEnhanced Enforcement
Parasoft C/C++test
9.5MISRA2012-RULE-21_10Strict enforcement
Include Page
Parasoft_V
Parasoft_V

CERT_C-MSC33-a

The 'asctime()' and 'asctime_r()' functions should not be used
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

586

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder

R2016a

_V

CERT C: Rule MSC33-CChecks for use
Use
of obsolete standard function
Obsolete routines can cause security vulnerabilities and portability issues
(rule partially covered)


RuleChecker
Include Page
RuleChecker_V
RuleChecker_V

Supported, but no explicit checker

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Key here (explains table format and definitions)

Taxonomy

Taxonomy item

Relationship

CERT C Secure Coding StandardMSC24-C. Do not use deprecated or obsolescent functionsPrior to 2018-01-12: CERT: Unspecified Relationship

Bibliography

[IEEE Std 1003.1:2013]XSH, System Interfaces, asctime
[ISO/IEC 9899:
2011
2024]7.
27
29.3.1, "The asctime Function"

...


...

Image Modified Image Modified Image Modified