I've been asked to maintain a large C++ codebase full of memory leaks. While poking around, I found out that we have a lot of buffer overflows that lead to the leaks (how it got this bad, I don't ever want to know).
I've decided to remove the buffer overflows first, starting with the dangerous functions. Which C/C++ functions are most often used incorrectly and can lead to buffer overflows?
For compilers and/or tools used to help look for buffer overruns, I've created another question that deals with this.
That is why the safest basic method in C is to avoid the following five unsafe functions that can lead to a buffer overflow vulnerability: printf, sprintf, strcat, strcpy, and gets.
Some coding languages are more sensitive to buffer overflows than others. C and C++ are two common languages with high vulnerabilities because they do not include built-in protection against access or overwriting of memory data. Code is written in one or both of these languages in Windows, Mac OSX, and Linux.
C and C++ are more susceptible to buffer overflow. Secure development practices should include regular testing to detect and fix buffer overflows. These practices include automatic protection at the language level and bounds-checking at run-time.
In general, any function that does not check bounds in the arguments. A list would be
You should use size-limited versions like strncpy, strncat, fgets, etc. Then be careful while giving the size limit; take into consideration the '\0' terminating the string.
Also, arrays are NOT bounds-checked in C or C++. The following example would cause errors. See off-by-one error
int foo[3];                          /* valid indices are 0, 1 and 2 */
foo[3] = WALKED_OFF_END_OF_ARRAY;    /* index 3 is one past the end: out-of-bounds write */
edit: Copied answers of @MrValdez, @Denton Gentry
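To make the advice above concrete, here is an added example (my own code, not from the answers or from any library) of bounded replacements for strcpy, strcat, sprintf and gets. Each function takes the full size of the destination buffer, always leaves it NUL-terminated, and returns whether the data fit, so truncation is detected instead of becoming an overflow. It also shows the strncpy pitfall the answer hints at: when the source has as many characters as the buffer, strncpy writes no terminator at all. The function names (safe_copy, safe_append, strncpy_terminates, format_int, read_line) and the sample strings are my own choices.

```c
#include <stdio.h>
#include <string.h>

/* Added example (not from the original answers): bounded replacements for
 * strcpy/strcat/sprintf/gets. Every function takes the destination's full
 * size (sizeof buffer), leaves it NUL-terminated and reports truncation. */

/* Length of s, never scanning past `limit` bytes (portable stand-in for strnlen). */
static size_t bounded_len(const char *s, size_t limit)
{
    size_t n = 0;
    while (n < limit && s[n] != '\0')
        n++;
    return n;
}

/* strcpy replacement. Returns 1 if src fit in dst[dst_size], 0 if truncated. */
int safe_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0)
        return 0;
    size_t n = strlen(src);
    if (n >= dst_size) {                 /* no room for n chars plus the '\0' */
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return 0;
    }
    memcpy(dst, src, n + 1);             /* n + 1 includes the terminator */
    return 1;
}

/* strcat replacement: appends src to the string already in dst[dst_size].
 * Returns 1 if fully appended, 0 if truncated or dst was not terminated. */
int safe_append(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0)
        return 0;
    size_t used = bounded_len(dst, dst_size);
    if (used == dst_size)                /* dst holds no '\0': not a valid C string */
        return 0;
    return safe_copy(dst + used, dst_size - used, src);
}

/* The strncpy pitfall: with strlen(src) >= dst_size no terminator is written.
 * Returns 1 if the copied result is NUL-terminated within dst_size bytes. */
int strncpy_terminates(const char *src, size_t dst_size)
{
    char buf[16];
    if (dst_size > sizeof buf)
        return 0;
    memset(buf, 'X', sizeof buf);        /* poison so a missing '\0' is visible */
    strncpy(buf, src, dst_size);
    return memchr(buf, '\0', dst_size) != NULL;
}

/* sprintf replacement: snprintf returns the length it *wanted* to write,
 * so a return value >= dst_size means the output was cut off. */
int format_int(char *dst, size_t dst_size, const char *label, int value)
{
    int needed = snprintf(dst, dst_size, "%s=%d", label, value);
    return needed >= 0 && (size_t)needed < dst_size;
}

/* gets replacement: reads one line into buf[size] with fgets and strips the
 * newline. Returns the line length, -1 on EOF/error, or -2 if the line was
 * longer than the buffer (the rest of that line is discarded). */
int read_line(char *buf, size_t size, FILE *in)
{
    if (fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[--len] = '\0';
        return (int)len;
    }
    if (feof(in))                        /* final line had no trailing newline */
        return (int)len;
    int c = fgetc(in);
    if (c == '\n' || c == EOF)           /* line was exactly size-1 long: it fit */
        return (int)len;
    while ((c = fgetc(in)) != EOF && c != '\n')
        ;                                /* drain the oversized remainder */
    return -2;
}

int main(void)
{
    char name[8];
    printf("fit=%d \"%s\"\n", safe_copy(name, sizeof name, "abc"), name);
    printf("fit=%d \"%s\"\n", safe_copy(name, sizeof name, "abcdefghijk"), name);
    printf("strncpy terminated: %d\n", strncpy_terminates("abcdefgh", 4));
    return 0;
}
```

The key habit is to pass `sizeof buffer` rather than a hand-counted length, and to check the return value: a truncated copy is a bug to log or reject, but it is not an overflow.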