Incorrect use of sprintf and snprintf
Description
The C standard specifies that the result is undefined if a call to sprintf(), snprintf(), vsprintf(), or vsnprintf() would cause copying to take place between objects that overlap. This happens when the destination array is also one of the supplied arguments, most often when code tries to "append" to a string by passing the destination itself as a %s argument. Because the behavior is undefined, the output may be truncated or corrupted, and the result can differ between library implementations and optimization levels, so it must not be relied on even if it appears to work during testing.
Examples
Insecure Code

```c
/* buf is both the destination and a %s source: the objects overlap, so the
 * behavior is undefined */
sprintf(buf, "%s", buf);
```

Secure Code

```c
/* src is a distinct object, so the copy is well-defined */
char src[] = "hello";
sprintf(buf, "%s", src);
```

Remediation
Ensure that the destination array is not also passed as an argument to sprintf(), snprintf(), vsprintf(), or vsnprintf(). When building a string incrementally, either format into the unused tail of the buffer at an offset (snprintf(buf + len, size - len, ...)) so the existing contents are never read as an argument, or copy the existing contents to a separate temporary buffer and pass that instead. Prefer snprintf() with the destination size over sprintf() so that removing the overlap does not leave an unbounded write, and check the return value to detect truncation.
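A worked example of both remediations, added here and not part of the original rule page: the overlapping "append" idiom is shown only in a comment, and the two helper functions (append_fmt and prefix_fmt, both illustrative names) produce the same results without ever passing the destination as a source. Both check the snprintf() return value and leave the buffer unchanged on truncation. The buffer contents in main() are constructed sample input.

```c
#include <stdio.h>
#include <string.h>

/*
 * The idiom this rule flags is "appending" by passing the destination as a
 * %s source:
 *
 *     sprintf(buf, "%s, %s", buf, tail);   // buf overlaps its own argument: UB
 *
 * The two helpers below get the same effect without any overlap.
 */

/* Append ", tail" to the NUL-terminated string in buf by formatting into the
 * unused part of the array. buf is never read through a %s argument.
 * Returns 0 on success, -1 (with buf unchanged) if the result would not fit. */
static int append_fmt(char *buf, size_t bufsize, const char *tail)
{
    size_t used = strlen(buf);
    if (used >= bufsize)
        return -1;                       /* caller passed an unterminated buffer */

    int n = snprintf(buf + used, bufsize - used, ", %s", tail);
    if (n < 0 || (size_t)n >= bufsize - used) {
        buf[used] = '\0';                /* undo the truncated partial write */
        return -1;
    }
    return 0;
}

/* Rewrite buf as "prefix: <old contents>". Here the format genuinely needs
 * the old contents as an argument, so copy them to a separate temporary
 * first; source and destination are then distinct objects.
 * Returns 0 on success, -1 (with buf unchanged) if the result would not fit. */
static int prefix_fmt(char *buf, size_t bufsize, const char *prefix)
{
    char tmp[256];                       /* illustrative fixed bound */
    size_t used = strlen(buf);
    if (used >= bufsize || used >= sizeof tmp)
        return -1;
    memcpy(tmp, buf, used + 1);          /* includes the terminating NUL */

    int n = snprintf(buf, bufsize, "%s: %s", prefix, tmp);
    if (n < 0 || (size_t)n >= bufsize) {
        memcpy(buf, tmp, used + 1);      /* restore the original contents */
        return -1;
    }
    return 0;
}

int main(void)
{
    char buf[32] = "alpha";              /* constructed sample input */

    if (append_fmt(buf, sizeof buf, "beta") == 0)
        printf("%s\n", buf);             /* alpha, beta */
    if (prefix_fmt(buf, sizeof buf, "items") == 0)
        printf("%s\n", buf);             /* items: alpha, beta */

    char small[8] = "abc";               /* too small for the append below */
    if (append_fmt(small, sizeof small, "defghij") != 0)
        printf("append rejected, small is still \"%s\"\n", small);
    return 0;
}
```

The offset form (append_fmt) is the one to reach for in most cases, since it needs no temporary and keeps the bound exact; the copy form (prefix_fmt) is only needed when the old contents must appear as a format argument rather than simply stay in place.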
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0215 |
| Category | Generic |
| Severity | MEDIUM |
| CWE | CWE-127 |
| Confidence | MEDIUM |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | buffer overlap, undefined behavior |
| OWASP | N/A |