To get a trial key
fill out the form below
Team License (standard version)
Enterprise License (extended version)
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
GBP
RUB
* By clicking this button you agree to our Privacy Policy statement

** This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
>
V755. Copying from unsafe data source. …
Analyzer Diagnostics
General Analysis (C++)
General Analysis (C#)
General Analysis (Java)
Diagnosis of micro-optimizations (C++)
Diagnosis of 64-bit errors (Viva64, C++)
MISRA errors
AUTOSAR errors
Additional information
Contents

V755. Copying from unsafe data source. Buffer overflow is possible.

May 18, 2016

The analyzer detected that data from an unsafe source are copied to a buffer of a fixed size.

Command-line arguments of unknown length are one example of such a source:

char *tmp = (char*)malloc(1024);
....
strcat(tmp, argv[0]);

If the size of the data being copied exceeds that of the buffer, it will overflow. To avoid this error, the required size of the storage to be allocated should be computed in advance:

char *src = GetData();
char *tmp = (char*)malloc(strlen(src) + strlen(argv[0]) + 1);
....
strcpy(tmp, src);
strcat(tmp, argv[0]);

You can also use the "realloc()" function to allocate memory as needed. In C++, you can use such classes as "std::string" to handle strings.

The warning is not triggered when the data source is unknown:

char *src = GetData();
char *tmp = malloc(1024);
....
strcat(tmp, src);

This diagnostic is classified as:

This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site.
Learn More →
Accept