Insecure use of sprintf and vsprintf
Description
A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold, or when a program attempts to write data to a memory area outside the boundaries of a buffer. sprintf and vsprintf take no buffer size and write as much output as the format string produces, so any input longer than the destination buffer overflows it; passing untrusted input as the format string itself additionally exposes a format string vulnerability.
Examples
Insecure Code

```c
sprintf(buffer, user_input);
```

Secure Code

```c
snprintf(buffer, sizeof(buffer), "%s", user_input);
```

Remediation
Use snprintf or vsnprintf instead, which take the maximum number of bytes to write (including the terminating NUL), and pass untrusted input as an argument to a fixed format string such as "%s" rather than as the format string itself.
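The bounded pattern carried through with the check the rule page's one-liner leaves out, as an added example that is not part of the rule page: snprintf and vsnprintf return the length the complete output would have needed, so a return value greater than or equal to the buffer size means the input was silently cut off and the caller must treat that as an error rather than use the truncated result. The helper names (format_bounded, copy_user_input, demo_buf) and the sample inputs are assumptions constructed for this example.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16

/* Bounded formatting wrapper (hypothetical helper). Returns 0 when the
 * whole output fit, -1 on encoding error or truncation: vsnprintf returns
 * the length the complete output needed, so needed >= size means it was
 * cut off at size - 1 characters plus the terminating NUL. */
static int format_bounded(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int needed = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    return (needed < 0 || (size_t)needed >= size) ? -1 : 0;
}

/* Copies untrusted input into a fixed-size buffer. The input is passed as
 * a "%s" argument, never as the format string, so any '%' in it is copied
 * literally. Returns 1 if it fit, 0 if it was truncated. */
int copy_user_input(char *buf, size_t size, const char *user_input)
{
    return format_bounded(buf, size, "%s", user_input) == 0;
}

/* File-scope buffer plus accessor so the result can be inspected. */
static char demo_buf[BUF_SIZE];

int copy_to_demo_buffer(const char *user_input)
{
    return copy_user_input(demo_buf, sizeof demo_buf, user_input);
}

const char *demo_buffer(void) { return demo_buf; }

int main(void)
{
    /* Constructed sample inputs: one that fits, one that does not. */
    printf("%d [%s]\n", copy_to_demo_buffer("hello"), demo_buffer());
    printf("%d [%s]\n",
           copy_to_demo_buffer("this input is far longer than the buffer"),
           demo_buffer());
    return 0;
}
```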
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0672 |
| Category | Injection |
| Severity | CRITICAL |
| CWE | CWE-120 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | buffer overflow, format string vulnerability |
| OWASP | N/A |
References
- https://cwe.mitre.org/data/definitions/120
- https://cwe.mitre.org/data/definitions/787
- https://cwe.mitre.org/data/definitions/676
- https://g.co/kgs/PCHQjJ