Integer Overflow from strlen or wcslen
Description
The software performs a calculation that can produce an integer overflow or wraparound when using the result of strlen or wcslen, which can introduce other weaknesses when used for resource management or execution control.
Examples
Insecure Code
```c
short len = strlen(user_input); /* strlen returns size_t; storing it in a short truncates any length above SHRT_MAX */
```
Secure Code
```c
size_t len = strlen(user_input); /* size_t can hold every value strlen can return */
```
Remediation
Use a type that can hold the maximum possible length, such as size_t, to store the result of strlen or wcslen.
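The following program is an added example, not part of the original rule text, showing why the narrowing in the insecure snippet matters and what the remediation looks like in practice. It compares the length as the insecure snippet stores it (`short`) with the length kept in `size_t`, and adds a hypothetical `safe_copy` helper that keeps the `size_t` length and checks it against the destination size before copying. The input is constructed inline (70000 bytes of `'A'`), and the `truncated_len` result assumes the usual two's-complement modulo-2^16 conversion that gcc and clang perform (implementation-defined before C23).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <limits.h>

/* Length stored the way the insecure snippet stores it: narrowed to short.
 * For strings longer than SHRT_MAX the value wraps (modulo 2^16 on common
 * compilers), so the stored length no longer describes the string. */
short truncated_len(const char *s) {
    short len = (short)strlen(s);
    return len;
}

/* Length stored in size_t, as the remediation recommends: no truncation. */
size_t full_len(const char *s) {
    return strlen(s);
}

/* Copies s (including its NUL) into dst only if it fits.
 * Returns 1 on success, 0 if the input is rejected.
 * The check uses dst_size - 1 rather than len + 1 so that the comparison
 * itself cannot overflow for very long inputs. */
int safe_copy(char *dst, size_t dst_size, const char *s) {
    size_t len = strlen(s);
    if (dst_size == 0 || len > dst_size - 1) {
        return 0;
    }
    memcpy(dst, s, len + 1);
    return 1;
}

/* Constructed test input: n bytes of 'A' followed by a NUL. Caller frees it. */
char *make_input(size_t n) {
    char *buf = malloc(n + 1);
    if (buf == NULL) {
        return NULL;
    }
    memset(buf, 'A', n);
    buf[n] = '\0';
    return buf;
}

int main(void) {
    char dst[16];
    char *big = make_input(70000); /* constructed: longer than SHRT_MAX (32767) */
    if (big == NULL) {
        return 1;
    }

    printf("strlen as size_t : %zu\n", full_len(big));       /* 70000 */
    printf("strlen as short  : %d\n", (int)truncated_len(big)); /* 4464 on gcc/clang: 70000 mod 65536 */

    printf("safe_copy(\"hello\") -> %d\n", safe_copy(dst, sizeof dst, "hello")); /* 1 */
    printf("safe_copy(big)     -> %d\n", safe_copy(dst, sizeof dst, big));     /* 0: rejected */

    free(big);
    return 0;
}
```

The point to take from the output is that the `short` length for the 70000-byte string is a small positive number, so any later bounds check written against it would accept a string that does not fit, whereas the `size_t` length keeps the true value and `safe_copy` rejects the input.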
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0743 |
| Category | Injection |
| Severity | MEDIUM |
| CWE | CWE-190 |
| Confidence | MEDIUM |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | integer overflow, strlen, wcslen |
| OWASP | N/A |
References
- https://cwe.mitre.org/data/definitions/680
- https://cwe.mitre.org/data/definitions/190
- https://github.com/struct/mms