Q
Detector Library
C detectors (34/34)
Logging of sensitive informationInsecure Use Of ChrootDeadlock And Lock InconsistencyUnsafe File ExtensionOS command injectionIncorrect Use Of FreeUse Of Uninitialized VariableInsecure Use strcat fnSQL injectionBitwise Operator On Signed OperandInsecure use gets fnRandom fd exhaustionRedundant Free UsageInsecure Use MemsetDivide By Zero.Return Stack AddressUnchecked Return ValueIncorrect Format SpecifierUnhandled Expression ResultPath traversalImproper Input ValidationOut Of Bounds ReadInteger OverflowInsecure use strtok functionImproper size of a memory bufferincomplete-cleanupNull pointer dereferenceInsecure Temporary File Or DirectoryInsecure Buffer AccessIncorrect Use Ato FnLoose File PermissionsExposure of Sensitive InformationOut-of-bounds WriteString Equality
Insecure Use strcat fn High
strcat/strncat that can lead to buffer overflow vulnerabilities because it does not affirm the size of the destination array and do not automatically NULL-terminate strings.
Detector ID
c/insecure-use-strcat-fn@v1.0
Category
Noncompliant example
1#include <strings.h>
2
3int DST_BUFFER_SIZE = 120;
4
5void insecureUseStrcatNonCompliant(char* src, char* dst) {
6 int n = DST_BUFFER_SIZE;
7 if ((dst != NULL) && (src != NULL) && (strlen(dst)+strlen(src)+1 <= n)) {
8 // Noncompliant: Does not affirm length
9 strcat(dst, src);
10 // Noncompliant: Hardcoded length passed
11 strncat(dst, src, 100);
12 }
13}
Compliant example
1#include <strings.h>
2
3void insecureUseStrcatCompliant(char* src, char* dest, int dest_size) {
4 // Compliant: No hardcoded length
5 strncat(dest, src, dest_size - 1);
6 dest[dest_size - 1] = '\0';
7}