# Insecure string processing function

## Description
The `StrCat` family of functions does not guarantee that the resulting string is null-terminated. Consider using one of the following alternatives instead: `StringCbCat`, `StringCbCatEx`, `StringCbCatN`, `StringCbCatNEx`, `StringCchCat`, `StringCchCatEx`, `StringCchCatN`, or `StringCchCatNEx`.
## Examples

### Insecure Code

```c
strcat(buffer, user_input);
```

### Secure Code

```c
StringCbCat(buffer, sizeof(buffer), user_input);
```

## Remediation
Replace the insecure function with a secure alternative, such as `StringCbCat` or `StringCchCat`.
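To make the difference between the two calls concrete, the following added example (not the scanner's own code and not Microsoft's StrSafe implementation) is a portable C stand-in for the `StringCbCat(dest, sizeof(dest), src)` contract: it takes the total destination size in bytes, never writes past that size, leaves the buffer null-terminated, and reports truncation instead of overflowing. The names `bounded_cat` and the `CAT_*` status codes are assumptions; the input strings are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes, modelled on StrSafe's S_OK,
 * STRSAFE_E_INSUFFICIENT_BUFFER and STRSAFE_E_INVALID_PARAMETER. */
enum { CAT_OK = 0, CAT_INSUFFICIENT_BUFFER = 1, CAT_INVALID_PARAMETER = 2 };

/* Portable stand-in for StringCbCat(dest, sizeof(dest), src).
 * dest_bytes is the TOTAL size of dest in bytes, not the space remaining.
 * Never writes past dest + dest_bytes and always leaves dest terminated. */
int bounded_cat(char *dest, size_t dest_bytes, const char *src)
{
    if (dest == NULL || src == NULL || dest_bytes == 0)
        return CAT_INVALID_PARAMETER;

    /* Locate the existing terminator without reading past the buffer. */
    size_t used = 0;
    while (used < dest_bytes && dest[used] != '\0')
        used++;
    if (used == dest_bytes) {      /* dest was not terminated: reject it */
        dest[0] = '\0';            /* this stand-in's choice: empty it out */
        return CAT_INVALID_PARAMETER;
    }

    size_t room = dest_bytes - used - 1;  /* free bytes, keeping one for NUL */
    size_t src_len = strlen(src);
    if (src_len <= room) {
        memcpy(dest + used, src, src_len + 1);  /* includes src's NUL */
        return CAT_OK;
    }
    /* Not enough space: copy what fits, terminate, and report the failure
     * so the caller can reject the (for example user-supplied) input. */
    memcpy(dest + used, src, room);
    dest[used + room] = '\0';
    return CAT_INSUFFICIENT_BUFFER;
}

int main(void)
{
    char buffer[8] = "abc";               /* 8 bytes: 7 characters + NUL */
    const char *user_input = "defghij";   /* constructed input, too long */

    /* strcat(buffer, user_input) would write 11 bytes into an 8-byte
     * buffer here. The bounded version truncates and says so instead. */
    int rc = bounded_cat(buffer, sizeof buffer, user_input);
    printf("rc=%d buffer=\"%s\"\n", rc, buffer);  /* rc=1 buffer="abcdefg" */
    return rc == CAT_OK ? 0 : 1;
}
```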
## Rule Details
| Field | Value |
|---|---|
| ID | CODE-0562 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-120 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | string processing, null termination |
| OWASP | A1:2017-Injection, A03:2021-Injection |