MISRAC2012-Dir-4.14_d
In this section:
Synopsis
(Required) The validity of values received from external sources shall be checked.
Enabled by default
Yes
Severity/Certainty
Medium/Medium
Full description
A tainted value is used as the size of the memory copied from one buffer to another.
Coding standards
- MISRA C:2012 Dir-4.14
(Required) The validity of values received from external sources shall be checked
Code examples
The following code example fails the check and will give a warning:
#include <stdio.h>
int main(int argc, char **argv) {
char dest[50], src[50];
int size = getchar();
int size2 = 10;
int size3 = 20;
int size4 = 30;
int i;
for (i = 0; i < 4; i++) {
memcpy(dest, src, size4);
size4 = size3;
size3 = size2;
size2 = size;
}
}
The following code example passes the check and will not give a warning about this issue:
#include <stdio.h>
int main(int argc, char **argv) {
char dest[50], src[50];
int size = getchar();
int size2 = 10;
int size3 = 20;
int size4 = 30;
int i;
for (i = 0; i < 4; i++) {
if (size4 >= 0 && size4 <= 50)
memcpy(dest, src, size4);
size4 = size3;
size3 = size2;
size2 = size;
}
}