Skip to main content

IAR Embedded Workbench for Arm 9.70.x

MISRAC2012-Rule-21.17_f

In this section:
Synopsis

(Mandatory) Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters.

Enabled by default

Yes

Severity/Certainty

High/Medium

highmedium.png
Full description

A call to strncpy might cause a destination buffer overrun.

Coding standards
MISRA C:2012 Rule-21.17

(Mandatory) Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters

Code examples

The following code example fails the check and will give a warning:

#include <string.h>
#include <stdlib.h>

void example(void)
{
  char *str1 = "Hello World!\n";
  char *str2 = (char *)malloc(13);
  strncpy(str2,str1,14);
}

The following code example passes the check and will not give a warning about this issue:

#include <string.h>
#include <stdlib.h>

void example(void)
{
  char *str1 = "Hello World!\n";
  char *str2 = (char *)malloc(14);
  strncpy(str2, str1, 14);
}