Potentially unsafe use of strcat
ID: cpp/unsafe-strcat
Kind: problem
Security severity: 9.8
Severity: warning
Precision: medium
Tags:
- reliability
- correctness
- security
- external/cwe/cwe-676
- external/cwe/cwe-120
- external/cwe/cwe-251
Query suites:
- cpp-security-extended.qls
- cpp-security-and-quality.qls
The standard library function strcat appends a source string to a target string. If you do not check the size of the source string then you cannot guarantee that appending the data to the target string will not cause a buffer overflow. Buffer overflows can lead to anything from a segmentation fault to a security vulnerability.
Recommendation
Check the highlighted function calls carefully to ensure that no buffer overflow is possible. For a more robust solution, consider adding explicit range checks or using the strncat function instead.
Example
#include <string.h>

void f(char *s) {
    char buf[80];
    strcpy(buf, "s: ");
    strcat(buf, s);  // wrong: buffer not checked before strcat
}

void g(char *s) {
    char buf[80];
    strcpy(buf, "s: ");
    if (strlen(s) < 77)
        strcat(buf, s);  // correct: buffer size checked before strcat
}
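The range check and strncat use from the recommendation can be combined in one helper that derives the bound from the buffer size instead of hard-coding 77. This is an added example, not code from the CodeQL documentation; checked_append and label_len are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the CodeQL docs): append src to the
 * NUL-terminated string in dst, where dst_size is the full size of the
 * dst array. Returns 0 on success, or -1 with dst unchanged if src does
 * not fit or dst holds no terminator within dst_size bytes. */
int checked_append(char *dst, size_t dst_size, const char *src)
{
    /* Find the current end of dst without reading past the buffer. */
    const char *end = memchr(dst, '\0', dst_size);
    if (end == NULL)
        return -1;

    size_t used = (size_t)(end - dst);
    size_t room = dst_size - used - 1;   /* free bytes, excluding the NUL */

    if (strlen(src) > room)              /* explicit range check */
        return -1;

    /* The strncat bound is the remaining room, not the total size:
     * strncat copies at most n bytes and then writes a NUL after them. */
    strncat(dst, src, room);
    return 0;
}

/* Same shape as f() and g() above, built on the helper.
 * Returns the length of the resulting string, or -1 if s was rejected. */
int label_len(const char *s)
{
    char buf[80];
    strcpy(buf, "s: ");
    if (checked_append(buf, sizeof buf, s) != 0)
        return -1;
    return (int)strlen(buf);
}

int main(void)
{
    /* Constructed input for illustration. */
    printf("%d\n", label_len("hello"));
    return 0;
}
```

Rejecting an over-long source keeps silent truncation from hiding the problem; callers that prefer truncation can check the return value and decide.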
References
I. Gerg, An Overview and Example of the Buffer-Overflow Exploit. IANewsletter vol 7, no 4, 2005.
M. Donaldson, Inside the Buffer Overflow Attack: Mechanism, Method & Prevention. SANS Institute InfoSec Reading Room. 2002.
Common Weakness Enumeration: CWE-676.
Common Weakness Enumeration: CWE-120.
Common Weakness Enumeration: CWE-251.