CodeQL documentation
CodeQL resources

Potentially unsafe use of strcat

ID: cpp/unsafe-strcat
Kind: problem
Security severity: 9.8
Severity: warning
Precision: medium
Tags:
  - reliability
  - correctness
  - security
  - external/cwe/cwe-676
  - external/cwe/cwe-120
  - external/cwe/cwe-251
Query suites:
  - cpp-security-extended.qls
  - cpp-security-and-quality.qls


The standard library function strcat appends a source string to a target string. If you do not check the size of the source string, you cannot guarantee that appending the data to the target string will not overflow the target buffer. Buffer overflows can lead to anything from a segmentation fault to an exploitable security vulnerability.

Recommendation

Check the highlighted function calls carefully to ensure that no buffer overflow is possible. For a more robust solution, consider adding explicit range checks or using the strncat function instead.

Example

    #include <string.h>

    void f(char *s) {
        char buf[80];
        strcpy(buf, "s: ");
        strcat(buf, s);          // wrong: buffer not checked before strcat
    }

    void g(char *s) {
        char buf[80];
        strcpy(buf, "s: ");
        if (strlen(s) < 77)      // 3 bytes already used, 1 needed for the terminator
            strcat(buf, s);      // correct: buffer size checked before strcat
    }
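As an added example, not code from the CodeQL documentation, the following C helpers (the function names are this example's own) make the two recommendations concrete: an explicit range check that refuses an append which would not fit, and a strncat wrapper that passes the remaining space rather than the buffer size, since passing sizeof(buf) to strncat is a common way to reintroduce the overflow.

```c
#include <stdio.h>
#include <string.h>

/* Append src to the NUL-terminated string in dst (capacity cap bytes,
 * including the terminator). Returns 1 on success; returns 0 and leaves
 * dst unchanged if src would not fit, so the caller can handle it. */
int append_checked(char *dst, size_t cap, const char *src) {
    size_t used = strlen(dst);
    size_t need = strlen(src);
    if (need >= cap - used)      /* explicit range check */
        return 0;
    memcpy(dst + used, src, need + 1);
    return 1;
}

/* strncat variant: the count is the REMAINING room minus one byte for
 * the terminator, not sizeof(dst). Returns 1 if src was copied whole,
 * 0 if strncat silently truncated it. */
int append_strncat(char *dst, size_t cap, const char *src) {
    size_t room = cap - strlen(dst) - 1;
    strncat(dst, src, room);
    return strlen(src) <= room;
}

/* Builds "s: <s>" into out the way g() does, via the checked helper.
 * Returns 1 if the whole message fit, 0 otherwise. */
int build_message(const char *s, char *out, size_t cap) {
    if (cap < 4)                 /* "s: " plus terminator needs 4 bytes */
        return 0;
    strcpy(out, "s: ");
    return append_checked(out, cap, s);
}

int main(void) {
    char buf[80];
    char long_input[200];        /* constructed oversized input */
    memset(long_input, 'A', sizeof long_input - 1);
    long_input[sizeof long_input - 1] = '\0';
    printf("short: %d\n", build_message("hello", buf, sizeof buf));
    printf("long:  %d (buf is \"%s\")\n",
           build_message(long_input, buf, sizeof buf), buf);
    return 0;
}
```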

References

  • I. Gerg, An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7, no 4, 2005.

  • M. Donaldson, Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.

  • Common Weakness Enumeration: CWE-676.

  • Common Weakness Enumeration: CWE-120.

  • Common Weakness Enumeration: CWE-251.
