CodeQL documentation

Uncontrolled format string

ID: cpp/tainted-format-string
Kind: path-problem
Security severity: 9.3
Severity: warning
Precision: high
Tags:
   - reliability
   - security
   - external/cwe/cwe-134
Query suites:
   - cpp-code-scanning.qls
   - cpp-security-extended.qls
   - cpp-security-and-quality.qls


The program uses input from the user as the format string of a printf-style function. Because the format string controls how many arguments are read from the stack and how they are interpreted, this can lead to buffer overflows, out-of-bounds reads or data representation problems. An attacker can exploit this weakness to crash the program, disclose information or even execute arbitrary code.

The results of this rule do not include inputs from the user that are transferred through global variables. Those can be found in the related rule “Uncontrolled format string (through global variable)”.

Recommendation

Use constant expressions as the format strings. If you need to print a value from the user, use printf("%s", value_from_user).

Example

#include <stdio.h>

// Passing a caller-supplied string straight through as the format makes the
// wrapper just as dangerous as a direct call
void printWrapper(char *str) {
	printf(str);
}

int main(int argc, char **argv) {
	// argv[1] is only valid when an argument was actually supplied
	if (argc < 2) {
		return 1;
	}

	// This should be avoided
	printf(argv[1]);

	// This should be avoided too, because it has the same effect
	printWrapper(argv[1]);

	// This is fine
	printf("%s", argv[1]);

	return 0;
}
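The recommendation above is to keep the format string a constant and route user data through a "%s" argument. The following C program is an added example, not part of the CodeQL documentation, showing how that looks in a logging wrapper: the wrapper takes a programmer-supplied format plus variadic arguments, the format attribute lets GCC/Clang check call sites at compile time (with -Wformat and -Wformat-security), and a small helper counts the directives that an untrusted string would trigger if it were ever misused as a format. The function names, the PRINTF_LIKE macro and the sample input are assumptions made for this example.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Added example (not from the CodeQL page). The format attribute makes the
 * compiler verify that call sites pass a constant format matching the
 * arguments, so a mistaken render_message(buf, len, user_input) is flagged
 * by -Wformat-security instead of compiling silently. */
#if defined(__GNUC__)
#define PRINTF_LIKE(fmt_idx, arg_idx) __attribute__((format(printf, fmt_idx, arg_idx)))
#else
#define PRINTF_LIKE(fmt_idx, arg_idx)
#endif

/* Render a message into the caller's buffer. The format is always a literal
 * chosen by the programmer; untrusted data only ever arrives as an argument. */
PRINTF_LIKE(3, 4)
static int render_message(char *out, size_t out_len, const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, out_len, fmt, ap);
    va_end(ap);
    return n;
}

/* The safe way to echo untrusted text: it is bound to a %s conversion and
 * therefore printed literally, whatever characters it contains. */
static int print_user_string(char *out, size_t out_len, const char *user) {
    return render_message(out, out_len, "user said: %s", user);
}

/* Count the conversion directives a string would introduce if it were used as
 * a format. "%%" is an escaped percent sign and is not a directive. This is a
 * review/test aid that shows why input must never be the format argument. */
static int count_format_directives(const char *s) {
    int count = 0;
    for (const char *p = s; *p; p++) {
        if (*p != '%') {
            continue;
        }
        if (p[1] == '%') {
            p++;            /* skip the escaped pair */
            continue;
        }
        count++;
    }
    return count;
}

int main(void) {
    /* Constructed sample input: a string full of conversion directives. */
    const char *hostile = "%x %x %x %n";
    char buf[128];

    print_user_string(buf, sizeof buf, hostile);
    printf("%s\n", buf);   /* the directives appear as literal text */
    printf("directives a naked printf(user) would interpret: %d\n",
           count_format_directives(hostile));
    return 0;
}
```

Compile with -Wall -Wformat -Wformat-security to see the compiler reject a non-literal format passed to render_message; at runtime the hostile string is simply echoed, because it never reaches vsnprintf as the format.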
