gitlab.flawfinder.atoi-1.atol-1._wtoi-1._wtoi64-1
The `atoi` family of functions can potentially overflow or underflow integer values. Consider using `strtoul` instead.
For more information please see: https://wiki.sei.cmu.edu/confluence/display/c/ERR34-C.+Detect+errors+when+converting+a+string+to+a+number
Definition
rules:
- id: flawfinder.atoi-1.atol-1._wtoi-1._wtoi64-1
  languages:
  - c
  message: >
    The `atoi` family of functions can potentially overflow or underflow
    integer values. Consider
    using `strtoul` instead.
    For more information please see:
    https://wiki.sei.cmu.edu/confluence/display/c/ERR34-C.+Detect+errors+when+converting+a+string+to+a+number
  metadata:
    shortDescription: Possible integer overflow or underflow
    cwe: CWE-190
    owasp: A1:2017-Injection
    primary_identifier: flawfinder.atoi-1.atol-1._wtoi-1._wtoi64-1
    secondary_identifiers:
    - name: Flawfinder - atoi
      type: flawfinder_func_name
      value: atoi
    - name: Flawfinder - atol
      type: flawfinder_func_name
      value: atol
    - name: Flawfinder - _wtoi
      type: flawfinder_func_name
      value: _wtoi
    - name: Flawfinder - _wtoi64
      type: flawfinder_func_name
      value: _wtoi64
    license: MIT
    vulnerability_class:
    - Other
  pattern-either:
  - pattern: atoi(...)
  - pattern: atol(...)
  - pattern: _wtoi(...)
  - pattern: _wtoi64(...)
  severity: INFO
Short Link: https://sg.run/jk6Z