Misuse of strcpy/strcat string functions

Buffer overflow due to misuse of string function.

This diagnostic covers several usage errors related to string manipulation functions such as strcat and strcpy.

ID | Observation | Description
1 | Buffer overflow | The place the string function was used

Examples


#include <stdio.h>
#include <string.h>

int main(int argc, char **argv)
{
    char buf[16];
    strcpy(buf, argv[0]); // unsafe: strcpy does not check that argv[0] fits in buf
    printf("%s\n", buf);
    return 0;
}
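For contrast with the unsafe call above, here is a bounded form of the same copy, plus a matching bounded append for the strcat case. This is an added example, not part of the original Intel documentation; the helper names bounded_copy and bounded_concat are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Copy src into dst, whose capacity dst_size includes the terminator.
 * Returns 0 on success, -1 if src does not fit (dst is then emptied). */
int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    size_t len;
    if (dst == NULL || dst_size == 0 || src == NULL)
        return -1;
    len = strlen(src);
    if (len >= dst_size) {          /* no room for len bytes plus '\0' */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

/* Append src to the string already held in dst.
 * Returns 0 on success, -1 if it does not fit (dst is left unchanged). */
int bounded_concat(char *dst, size_t dst_size, const char *src)
{
    const char *end;
    size_t used, len;
    if (dst == NULL || dst_size == 0 || src == NULL)
        return -1;
    end = memchr(dst, '\0', dst_size);   /* dst must be terminated in bounds */
    if (end == NULL)
        return -1;
    used = (size_t)(end - dst);
    len = strlen(src);
    if (len >= dst_size - used)          /* remaining space includes '\0' */
        return -1;
    memcpy(dst + used, src, len + 1);
    return 0;
}

int main(int argc, char **argv)
{
    char buf[16];
    (void)argc;
    if (bounded_copy(buf, sizeof buf, argv[0]) != 0) {
        fprintf(stderr, "program name does not fit in %zu bytes\n", sizeof buf);
        return 1;
    }
    printf("%s\n", buf);
    return 0;
}
```

Both helpers reject oversized input instead of truncating it silently, so the caller decides how to handle a string that does not fit.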
        

Copyright © 2010, Intel Corporation. All rights reserved.