DeepSource
Dashboard Resources Pricing Discover Directory Log in

Run your first analysis.

Find thousands of code security and quality issues in your codebase, before they end up in production.

Start now
C & C++

C & C++

Made by DeepSource
Use Analyzer

Unbound checked function calls lacking external bounds checking CXX-S1003

Security
Major

Certain functions do not perform bound checks internally, leading to segmentation faults if the caller does not explicitly perform bound checks. Avoid calling such functions without explicitly checking the buffer bounds against the provided value first.

Make sure to perform a bound check before every call to a dangerous function, as global bounds checks may not always hold true at the time the "callsite" is reached.

C users must avoid using dangerous functions that do not check bounds unless they've ensured that the bounds will never get exceeded.

Functions to avoid in most cases (or ensure protection) include the functions,

  • strcpy(),
  • strcat(),
  • sprintf() (with cousin vsprintf()),
  • and, gets().

These should be replaced with functions such as - strncpy(), - strncat(), - snprintf(), - and fgets() respectively.

Other dangerous functions that may permit buffer overruns (depending on their use) include, - realpath(), - getopt(), - getpass(), - streadd(), - strecpy(), - and, strtrns().

Bad practice

char* src = "this is a long one I think";
char dst[10] = {};
strcpy(dst, src); // needs bound checking to see if `dst` can store `src`

Recommended

char* src = "this is a long one I think";
char dst[10] = {};
if strlen(dst) >= strlen(src) { // bound checked
    strcpy(dst, src);
}