SEI CERT C Coding Standard

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 19 Next »

Alternative functions that limit the number of bytes copied are often recommended to mitigate buffer overflow vulnerabilities. For example:

  • strncpy() instead of strcpy()
  • strncat() instead of strcat()
  • fgets() instead of gets()
  • snprintf() instead of sprintf()

These functions truncate strings that exceed the specified limits. Additionally, some functions such as strncpy() do not guarantee that the resulting string is null-terminated [[STR33-C]].

Unintentional truncation results in a loss of data and, in some cases, leads to software vulnerabilities.

Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.

Exception

An exception to this rule applies if the intent of the programmer was to intentionally truncate the null-terminated byte string. To be compliant with this standard, this intent must be clearly stated in comments.

Risk Assessment

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

STR03-A

1 (low)

1 (unlikely)

2 (medium)

P2

L3

Examples of vulnerabilities resulting from the violation of this recommendation can be found on the CERTwebsite.

References

[[ISO/IEC 9899-1999]] Section 7.21, "String handling <string.h>"
[[Seacord 05a]] Chapter 2, "Strings"
[[ISO/IEC TR 24731-2006]]

  • No labels