CERT-ARR38-C_a
Synopsis
Guarantee that library functions do not form invalid pointers.
Enabled by default
Yes
Severity/Certainty
High/High
Full description
C library functions that make changes to arrays or objects take at least two arguments: a pointer to the array or object and an integer indicating the number of elements or bytes to be manipulated. Supplying arguments to such a function might cause the function to form a pointer that does not point into or just past the end of the object, resulting in undefined behavior.
Coding standards
- CERT ARR38-C
Guarantee that library functions do not form invalid pointers
- CWE 121
Stack-based Buffer Overflow
- CWE 119
Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE 125
Out-of-bounds Read
- CWE 123
Write-what-where Condition
- CWE 805
Buffer Access with Incorrect Length Value
- CWE 129
Improper Validation of Array Index
Code examples
The following code example fails the check and will give a warning:
#include <string.h>
#include <wchar.h>
static const char str[] = "Hello world";
static const wchar_t w_str[] = L"Hello world";
void func(void) {
char buffer[32];
wchar_t w_buffer[32];
memcpy(buffer, str, sizeof(str)); /* Compliant */
wmemcpy(w_buffer, w_str, sizeof(w_str)); /* Noncompliant */
}
The following code example passes the check and will not give a warning about this issue:
#include <string.h>
#include <wchar.h>
static const char str[] = "Hello world";
static const wchar_t w_str[] = L"Hello world";
void func(void) {
char buffer[32];
wchar_t w_buffer[32];
memcpy(buffer, str, strlen(str) + 1);
wmemcpy(w_buffer, w_str, wcslen(w_str) + 1);
}