gitlab.flawfinder.lstrcpy-1.wcscpy-1._tcscpy-1._mbscpy-1

137

Download Count*

MIT

License

Consider using a function version that stops copying at the end of the buffer.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: flawfinder.lstrcpy-1.wcscpy-1._tcscpy-1._mbscpy-1
    languages:
      - c
    message: >
      Consider using a function version that stops copying at the end of the
      buffer.
    metadata:
      cwe: "CWE-120: Does not check for buffer overflows when copying to destination
        [MS-banned] (CWE-120)"
      primary_identifier: flawfinder.lstrcpy-1.wcscpy-1._tcscpy-1._mbscpy-1
      secondary_identifiers:
        - name: Flawfinder - lstrcpy
          type: flawfinder_func_name
          value: lstrcpy
        - name: Flawfinder - wcscpy
          type: flawfinder_func_name
          value: wcscpy
        - name: Flawfinder - _tcscpy
          type: flawfinder_func_name
          value: _tcscpy
        - name: Flawfinder - _mbscpy
          type: flawfinder_func_name
          value: _mbscpy
      license: MIT
    pattern-either:
      - pattern: lstrcpy(...)
      - pattern: wcscpy(...)
      - pattern: _tcscpy(...)
      - pattern: _mbscpy(...)
    severity: ERROR

Short Link: https://sg.run/Q41D