Potential format string vulnerability
Description
Format string vulnerabilities arise when attacker-controlled input is passed as the format argument of a `printf`-family function. Because the format string drives how the variadic arguments are interpreted, an attacker can read stack and other process memory with conversions such as `%x` or `%s` and, where the `%n` conversion is available, write to memory as well. To prevent format string attacks, never let users or un-validated input supply the format specification. Use a constant format string and pass the untrusted value as a `%s` argument; if the untrusted value must itself become part of a format, neutralise every `%` in it (for example by doubling it to `%%`) before calling the `snprintf` family of functions.
Examples
Insecure Code

```c
/* user_input is the format string: "%x %x %n" is interpreted, not printed */
snprintf(buffer, 100, user_input);
```

Secure Code

```c
/* constant format; user_input is consumed only by %s and treated as data */
snprintf(buffer, 100, "Hello, %s!", user_input);
```

Remediation
Use a constant for the format specification and pass the untrusted string as an argument to a `%s` conversion. Only where the untrusted string must be spliced into a format itself should you fall back to neutralising its format specifiers, and in that case escape every `%` rather than trying to enumerate the dangerous conversions. Compiling with `-Wformat-security` (GCC and Clang) flags calls whose format argument is not a string literal, which is a cheap way to find remaining instances. Also check the return value of `snprintf`: a result greater than or equal to the buffer size means the output was truncated.
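The following is an added example, not code from the original rule page. It shows the hardened form of the `snprintf` call from the Secure Code block, plus a helper (`escape_percent`, a hypothetical name chosen here) that implements the fallback of neutralising `%` in input that must be spliced into a format. `HOSTILE_INPUT` is a constructed attacker string; the deliberately vulnerable call is not executed, since its behaviour is undefined.

```c
#include <stdio.h>
#include <string.h>

/* Constructed attacker-controlled input carrying read (%x) and write (%n)
 * conversions. Passed as a format string this would be interpreted;
 * passed as a %s argument it is only copied. */
static const char *HOSTILE_INPUT = "%x %x %x %n";

/* Hardened form: the format is a string literal, so user_input can only
 * ever be consumed by the %s conversion. Returns snprintf's result, which
 * is >= out_len when the output was truncated. */
int greet_safe(char *out, size_t out_len, const char *user_input) {
    return snprintf(out, out_len, "Hello, %s!", user_input);
}

/* Fallback for the rare case where an untrusted string must become part
 * of a format (e.g. a log template assembled at runtime): double every
 * '%' so it renders as a literal percent sign and can no longer start a
 * conversion. Returns the number of bytes written excluding the NUL, or
 * -1 if out is too small to hold the escaped string. */
int escape_percent(char *out, size_t out_len, const char *in) {
    size_t j = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        size_t need = (in[i] == '%') ? 2 : 1;
        if (j + need >= out_len)    /* keep one byte for the terminator */
            return -1;
        out[j++] = in[i];
        if (in[i] == '%')
            out[j++] = '%';
    }
    out[j] = '\0';
    return (int)j;
}

int main(void) {
    char buf[100];
    char esc[64];
    char small[8];

    /* The specifiers come through as plain text. */
    greet_safe(buf, sizeof buf, HOSTILE_INPUT);
    printf("%s\n", buf);

    /* Escaped form is safe to splice into a format later. */
    if (escape_percent(esc, sizeof esc, HOSTILE_INPUT) >= 0)
        printf("%s\n", esc);

    /* Truncation is signalled by the return value, not by an error. */
    int n = greet_safe(small, sizeof small, "world");
    printf("needed %d bytes, buffer holds %zu: \"%s\"\n", n, sizeof small, small);
    return 0;
}
```

Note that `escape_percent` does not try to recognise specific conversions such as `%n`; it makes every `%` inert, which is the only robust form of "stripping" when the escaped string will later be used as a format. The constant-format approach in `greet_safe` remains preferable wherever it is possible.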
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0591 |
| Category | Injection |
| Severity | HIGH |
| CWE | CWE-134 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | format string vulnerability, snprintf |
| OWASP | A1:2017-Injection, A03:2021-Injection |