Insufficient protection against buffer overflow (getwd)
Description
The `getwd` function takes no size argument: it copies the full pathname of the current working directory into the caller's buffer and simply assumes that buffer holds at least `PATH_MAX` bytes, so a longer path overruns it. POSIX marked `getwd` obsolescent in POSIX.1-2001 and removed it in POSIX.1-2008; the portable and safe replacement is `getcwd`, which takes the buffer size and fails with `errno` set to `ERANGE` instead of writing past the end when the path does not fit.
Examples
Insecure Code
```c
char buf[100];
getwd(buf);   /* no size argument: a path longer than 99 bytes overflows buf */
```
Secure Code
```c
char buf[100];
if (getcwd(buf, sizeof buf) == NULL) { /* errno == ERANGE: path did not fit in buf; handle the error */ }
```
Remediation
Replace `getwd` with `getcwd`, pass the real capacity of the destination buffer (`sizeof buf` rather than a literal that can drift from the declaration), and check the return value: `NULL` with `errno` set to `ERANGE` means the path did not fit, which is exactly the case `getwd` would have turned into a buffer overflow.
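The following is an added example, not code from the original rule page, showing the two ways a practitioner would actually handle the size limit that `getwd` lacks: a fixed buffer whose capacity is passed through and whose `ERANGE` failure is reported rather than overflowing, and a growing heap buffer that sidesteps any fixed guess about the path length. The helper names `cwd_into` and `cwd_alloc` and the starting capacity of 64 bytes are choices made for this example.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Copy the current working directory into buf (capacity n bytes).
 * Returns 0 on success; -1 on failure with errno set. errno == ERANGE is the
 * "buffer too small" case that getwd() would have silently turned into an
 * overflow. (Helper name chosen for this example.) */
int cwd_into(char *buf, size_t n)
{
    if (buf == NULL || n == 0) {
        errno = EINVAL;
        return -1;
    }
    if (getcwd(buf, n) == NULL)
        return -1;
    return 0;
}

/* Fetch the working directory into a heap buffer that is doubled until the
 * path fits, so no fixed-size guess (PATH_MAX included) can be exceeded.
 * Returns a malloc'd string the caller frees, or NULL with errno set.
 * The 64-byte starting capacity is deliberately small so the retry path
 * is exercised on ordinary paths. (Helper name chosen for this example.) */
char *cwd_alloc(void)
{
    size_t cap = 64;
    for (;;) {
        char *buf = malloc(cap);
        if (buf == NULL)
            return NULL;
        if (getcwd(buf, cap) != NULL)
            return buf;
        int err = errno;
        free(buf);
        if (err != ERANGE) {      /* EACCES, ENOENT, ...: not a size problem, give up */
            errno = err;
            return NULL;
        }
        if (cap > SIZE_MAX / 2) {
            errno = ENAMETOOLONG;
            return NULL;
        }
        cap *= 2;                 /* too small: retry with a larger buffer */
    }
}

int main(void)
{
    char fixed[100];
    if (cwd_into(fixed, sizeof fixed) == 0)
        printf("fixed buffer: %s\n", fixed);
    else
        perror("getcwd into 100-byte buffer");

    char tiny[1];                 /* every path is at least "/" plus NUL, so this cannot fit */
    if (cwd_into(tiny, sizeof tiny) != 0 && errno == ERANGE)
        puts("1-byte buffer: rejected with ERANGE instead of overflowing");

    char *dyn = cwd_alloc();
    if (dyn == NULL) {
        perror("cwd_alloc");
        return 1;
    }
    printf("grown buffer:  %s\n", dyn);
    free(dyn);
    return 0;
}
```

`cwd_into` with `sizeof buf` is the minimal drop-in for existing `getwd(buf)` call sites; `cwd_alloc` is the choice for code that cannot bound the path (deep build trees, user-controlled mount points), since glibc's `getcwd(NULL, 0)` allocation behaviour is an extension rather than POSIX.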
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0568 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-120 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | buffer overflow, deprecated function |
| OWASP | A1:2017-Injection, A03:2021-Injection |