[C-safe-secure-studygroup] checker

Wheeler, David A dwheeler at ida.org
Wed Jan 23 19:26:14 GMT 2019


Robert Seacord:
> Has anyone implemented a static analysis checker that would detect when a programmer incorrectly specifies the size of the source array instead of the destination array, for example:
void func (void) {
  char source[] = "...";
  char dest[N];
  ...
  strcpy_s(dest, sizeof source, source);
  
}
 
Yes.  In an almost vacuous way flawfinder sometimes does that - and it’s just a lexical analyzer.

Flawfinder will warn about memcpy, but *NOT* if the count is given as sizeof(first arg). Since first arg is the dest, flawfinder *will* complain if the size of the *source* array is given, since that's the wrong one.  It will even complain if the source array size is smaller than the destination (it's still the wrong size to use, and things can change in the future during maintenance).

--- David A. Wheeler


More information about the C-safe-secure-studygroup mailing list