c.lang.security.insecure-use-memset.insecure-use-memset

profile photo of returntocorpreturntocorp
Author
unknown
Download Count*
LGPL Commons Clause
License

When handling sensitive information in a buffer, it's important to ensure that the data is securely erased before the buffer is deleted or reused. While memset() is commonly used for this purpose, it can leave sensitive information behind due to compiler optimizations or other factors. To avoid this potential vulnerability, it's recommended to use the memset_s() function instead. memset_s() is a standardized function that securely overwrites the memory with a specified value, making it more difficult for an attacker to recover any sensitive data that was stored in the buffer. By using memset_s() instead of memset(), you can help to ensure that your application is more secure and less vulnerable to exploits that rely on residual data in memory.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit RuleView Source
Open in Playground 
rules:
  - id: insecure-use-memset
    pattern: memset($...VARS)
    fix: memset_s($...VARS)
    message: When handling sensitive information in a buffer, it's important to
      ensure  that the data is securely erased before the buffer is deleted or
      reused.  While `memset()` is commonly used for this purpose, it can leave
      sensitive  information behind due to compiler optimizations or other
      factors.  To avoid this potential vulnerability, it's recommended to use
      the  `memset_s()` function instead. `memset_s()` is a standardized
      function  that securely overwrites the memory with a specified value,
      making it more  difficult for an attacker to recover any sensitive data
      that was stored in  the buffer. By using `memset_s()` instead of
      `memset()`, you can help to  ensure that your application is more secure
      and less vulnerable to exploits  that rely on residual data in memory.
    languages:
      - c
    severity: WARNING
    metadata:
      cwe:
        - "CWE-14: Compiler Removal of Code to Clear Buffers"
      owasp:
        - A04:2021 - Insecure Design
      references:
        - https://cwe.mitre.org/data/definitions/14.html
        - https://owasp.org/Top10/A02_2021-Cryptographic_Failures/
      category: security
      technology:
        - c
      confidence: LOW
      subcategory:
        - audit
      likelihood: LOW
      impact: MEDIUM
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]

Examples

insecure-use-memset.c

void badcode(char *password, size_t bufferSize) {
  char token[256];
  init(token, password);
  // ruleid: insecure-use-memset
  memset(password, ' ', strlen(password));
  // ruleid: insecure-use-memset
  memset(token, ' ', strlen(localBuffer));
  free(password);
}

void okcode(char *password, size_t bufferSize) {
  char token[256];
  init(token, password);
  // ok: insecure-use-memset
  memset_s(password, bufferSize, ' ', strlen(password));
  // ok: insecure-use-memset
  memset_s(token, sizeof(token), ' ', strlen(localBuffer));
  free(password);
}