LIB-fn-unsafe
Synopsis
A potentially unsafe library function is used.
Enabled by default
No
Severity/Certainty
Medium/Medium

Full description
A potentially unsafe library function is used for which a safer alternative exists. Such functions can introduce vulnerabilities such as buffer overflow because they do not check the size of a string before copying it into memory. This check flags uses of strcpy() and gets(). Use strncpy() instead of strcpy(), and fgets() instead of gets(): both take an additional argument that specifies the maximum length of the input, so the copy cannot run past the destination buffer.
Coding standards
- CWE 242: Use of Inherently Dangerous Function
- CWE 252: Unchecked Return Value
- CWE 394: Unexpected Status Code or Return Value
- CWE 477: Use of Obsolete Functions
Code examples
The following code example fails the check and will give a warning:
#include <stdio.h>
void example(char* buf1) {
    /* "%s" has no length limit: input longer than buf1 overflows it. */
    scanf("%s", buf1);
}
The following code example passes the check and will not give a warning about this issue:
#include <stdio.h>
#include <string.h>   /* declares strncpy() */
void example(char* buf1, char* buf2) {
    /* Copies at most 5 bytes; buf1 must be at least 5 bytes long. */
    strncpy(buf1, buf2, 5);
}
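The bounded replacements have a pitfall the check does not cover on its own: when the source is at least as long as the count, strncpy() writes no terminating NUL, and fgets() keeps the trailing newline. The following added example (not part of this checker's documentation; safe_copy, read_line, strncpy_leaves_terminator and the demo_* wrappers are hypothetical helpers written for this page) shows the gets()/scanf("%s") and strcpy() replacements done with an explicit terminator and a visible truncation result, and makes the missing-terminator case observable. The input line is constructed inline and fed through a temporary file so the code runs without stdin.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8   /* deliberately small so truncation is visible */

/* Hypothetical helper: copy src into dst (dst_size bytes), always leaving a
 * NUL terminator. A bare strncpy() does not guarantee one when src is at
 * least dst_size bytes long. Returns 1 if the whole string fit, 0 if it
 * was truncated. */
int safe_copy(char *dst, size_t dst_size, const char *src) {
    if (dst_size == 0) return 0;
    strncpy(dst, src, dst_size - 1);
    dst[dst_size - 1] = '\0';
    return strlen(src) < dst_size;
}

/* Hypothetical helper: bounded replacement for gets() / scanf("%s").
 * fgets() stores at most dst_size - 1 bytes; the trailing newline, if
 * present, is removed. Returns the number of bytes stored, or -1 on end
 * of file or error. */
long read_line(char *dst, size_t dst_size, FILE *in) {
    if (dst_size == 0 || fgets(dst, (int)dst_size, in) == NULL) return -1;
    size_t n = strcspn(dst, "\n");
    dst[n] = '\0';
    return (long)n;
}

/* Shows why strncpy(buf, src, sizeof buf) alone is not enough: when src has
 * at least `count` bytes, no terminator is written. Returns 1 if a NUL ended
 * up inside the first `count` bytes of the destination, 0 otherwise. */
int strncpy_leaves_terminator(const char *src, size_t count) {
    char buf[16];
    if (count > sizeof buf) return 0;
    memset(buf, 'X', sizeof buf);
    strncpy(buf, src, count);
    return memchr(buf, '\0', count) != NULL;
}

/* Demo wrappers so results can be checked without stdin. */
const char *demo_copy(const char *src) {
    static char dst[BUF_SIZE];
    safe_copy(dst, sizeof dst, src);
    return dst;
}

const char *demo_read(const char *line) {
    static char dst[BUF_SIZE];
    FILE *f = tmpfile();            /* constructed input, not real stdin */
    if (f == NULL) return NULL;
    fputs(line, f);
    rewind(f);
    read_line(dst, sizeof dst, f);
    fclose(f);
    return dst;
}

int main(void) {
    printf("copy: '%s'\n", demo_copy("hello world"));
    printf("read: '%s'\n", demo_read("untrusted input line\n"));
    printf("strncpy wrote a terminator: %d\n",
           strncpy_leaves_terminator("0123456789ABCDEF", 16));
    return 0;
}
```

The return value of safe_copy() is what a caller should act on: silently truncating a path, a hostname or a username is itself a bug class, so the truncated case should be rejected or reported rather than ignored.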