Page History

...

Code Block

bgColor	#ccccff
lang	c

char *token;
const char *path = getenv("PATH");
/* PATH is something like "/usr/bin:/bin:/usr/sbin:/sbin" */

char *copy = (char *)malloc(strlen(path) + 1);
if (copy == NULL) {
  /* handleHandle error */
}
strcpy(copy, path);
token = strtok(copy, ":");
puts(token);

while (token = strtok(0, ":")) {
  puts(token);
}

free(copy);
copy = NULL;

printf("PATH: %s\n", path);
/* PATH is still "/usr/bin:/bin:/usr/sbin:/sbin" */

...

The improper use of strtok() is likely to result in truncated data, producing unexpected results later in program execution.

Recommendation	Severity	Likelihood

Remediation Cost

Detectable	Repairable	Priority	Level
STR06-C	Medium

medium

Likely

likely

No

medium

No

P12

P6

L1

L2

Automated Detection

Tool

Version

Checker

Description

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

(customization)

Users who wish to avoid using strtok() entirely can add a custom check for all uses of strtok().

Compass/ROSE

Fortify SCA

5.0

Can detect violations of this rule with CERT C Rule Pack.


Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C5007

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

602 S

Fully implemented

Enhanced Enforcement

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C: Rec. STR06-C

Checks for string passed to strok() without copying.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++

Secure

Coding Standard	VOID STR06-CPP. Do not assume that strtok() leaves the parse string unchanged
MITRE CWE	CWE-464, Addition of data structure sentinel

Bibliography

[Linux 2008]

strtok(3)

...

Image Modified Image Modified Image Modified

Space shortcuts

Page tree

Versions Compared

Old Version 89

New Version Current

Key

Automated Detection

Related Vulnerabilities

Related Guidelines

Bibliography