Alternative functions that limit the number of bytes copied are often recommended to mitigate buffer overflow vulnerabilities. For example:
strncpy() instead of strcpy()strncat() instead of strcat()fgets() instead of gets()snprintf() instead of sprintf()These functions truncate strings that exceed the specified limits. Additionally, some functions such as {{strncpy()}} do not guarantee that the resulting string is null-terminated \[[STR32-C. Null-terminate byte strings as required]\]. |
Unintentional truncation results in a loss of data and, in some cases, leads to software vulnerabilities.
STR03-EX1: The intent of the programmer is to intentionally truncate the null-terminated byte string.
Truncating strings can lead to a loss of data.
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
STR03-A |
1 (low) |
1 (unlikely) |
2 (medium) |
P2 |
L3 |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.21, "String handling <string.h>" \[[Seacord 05a|AA. C References#Seacord 05a]\] Chapter 2, "Strings" \[[ISO/IEC TR 24731-1-2007|AA. C References#ISO/IEC TR 24731-1-2007]\] |
STR02-A. Sanitize data passed to complex subsystems 07. Characters and Strings (STR) STR05-A. Prefer making string literals const-qualified