Insecure string processing function
Description
The `StrCpy` family of functions (`StrCpy`, `StrCpyA`, `StrCpyW`) copy until they reach the source string's terminator and know nothing about the size of the destination buffer. When the source is longer than the destination, the copy overruns the buffer and the terminating null byte is written past its end, so the destination is neither bounds-checked nor guaranteed to be null terminated (CWE-120). Consider using one of the following alternatives, which take the destination size and always terminate the result: `StringCbCopy`, `StringCbCopyEx`, `StringCbCopyN`, `StringCbCopyNEx`, `StringCchCopy`, `StringCchCopyEx`, `StringCchCopyN`, or `StringCchCopyNEx`. If developing against the C Runtime Library (CRT) rather than `strsafe.h`, the more secure CRT versions of these functions (`strcpy_s`, `strncpy_s`) should be used instead of `strcpy`.
Examples
Insecure Code

```c
/* No size argument: if src is longer than dest, the copy overruns dest. */
StrCpyA(dest, src);
```

Secure Code

```c
/* dest must be an array here so that sizeof(dest) is its capacity in bytes. */
StringCbCopy(dest, sizeof(dest), src);
```

Remediation
Replace insecure string processing functions with secure alternatives like `StringCbCopy`, `StringCbCopyEx`, `StringCbCopyN`, `StringCbCopyNEx`, `StringCchCopy`, `StringCchCopyEx`, `StringCchCopyN`, or `StringCchCopyNEx`. Pass the destination size in bytes (`Cb` variants) or in characters (`Cch` variants), never the size of the source, and check the returned `HRESULT`: these functions truncate and null-terminate the destination instead of overrunning it, and report the truncation as `STRSAFE_E_INSUFFICIENT_BUFFER`. Note that `sizeof(dest)` is only the buffer capacity when `dest` is an array; for a heap buffer or a pointer parameter, pass the size that was allocated.
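The following is an added example, not code from the original rule page. Because `StringCbCopy` and the rest of `strsafe.h` exist only on Windows, it uses a small portable stand-in named `string_cb_copy` (an assumption of this example) that follows the same contract: it copies at most `dest_size - 1` bytes, always writes a terminator when `dest_size` is non-zero, and reports truncation with an error code instead of writing past the buffer. It also shows the one check an unbounded `StrCpy`/`strcpy` never performs. The input strings are constructed for the demonstration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Portable stand-in for StringCbCopy (assumption: same contract, not the
 * Windows implementation). Returns 0 on success, EINVAL for bad arguments,
 * ERANGE when src did not fit and the result was truncated. The destination
 * is always null terminated when dest_size > 0, even on truncation. */
int string_cb_copy(char *dest, size_t dest_size, const char *src) {
    if (dest == NULL || src == NULL || dest_size == 0) {
        return EINVAL;
    }
    size_t src_len = strlen(src);
    if (src_len >= dest_size) {
        /* Source does not fit: copy what fits and terminate explicitly. */
        memcpy(dest, src, dest_size - 1);
        dest[dest_size - 1] = '\0';
        return ERANGE;
    }
    /* Fits, including the terminator. */
    memcpy(dest, src, src_len + 1);
    return 0;
}

/* The bounds check that an unbounded copy skips: true when copying src
 * (plus its terminator) into a buffer of dest_size bytes would overrun it. */
bool copy_would_overflow(size_t dest_size, const char *src) {
    return strlen(src) + 1 > dest_size;
}

/* A fixed 8-byte destination, the kind of buffer StrCpy silently overruns. */
#define DEST_SIZE 8
static char g_dest[DEST_SIZE];

/* Copy a sample source into the small buffer and return the status code. */
int copy_sample(const char *src) {
    return string_cb_copy(g_dest, sizeof g_dest, src);
}

/* Expose the buffer contents so the result of the last copy can be inspected. */
const char *last_copy(void) {
    return g_dest;
}

int main(void) {
    /* Constructed sample inputs: one that fits, one attacker-sized one. */
    const char *inputs[] = { "user", "a-much-longer-attacker-controlled-value" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int rc = copy_sample(inputs[i]);
        printf("src=\"%s\" would_overflow=%d rc=%d dest=\"%s\" len=%zu\n",
               inputs[i], copy_would_overflow(DEST_SIZE, inputs[i]),
               rc, last_copy(), strlen(last_copy()));
    }
    return 0;
}
```

On the long input the stand-in returns `ERANGE` and leaves a 7-character, terminated string in the 8-byte buffer; an unbounded `StrCpy` would instead have written 40 bytes into it. Treat the truncation status the way you would treat `STRSAFE_E_INSUFFICIENT_BUFFER` from the real API: decide whether a shortened value is acceptable for the caller, and reject the input if it is not.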
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0580 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-120 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | string processing, null termination |
| OWASP | A1:2017-Injection, A03:2021-Injection |