[cfe-commits] [PATCH] review request - strcmp/strcasecmp security checker
joerg at britannica.bec.de
Wed Apr 6 17:58:25 PDT 2011
On Thu, Apr 07, 2011 at 01:13:16AM +0200, pageexec at freemail.hu wrote:
> On 7 Apr 2011 at 0:59, Joerg Sonnenberger wrote:
> > On Wed, Apr 06, 2011 at 04:25:21PM -0600, Lenny Maiorani wrote:
> > > Add security syntax checker for strcmp() and strcasecmp() which causes
> > > the Static Analyzer to generate a warning any time the strcmp()
> > > function is used with a note suggesting to use a function which
> > > provides bounded buffers such as strncmp() or strncasecmp(). CWE-119.
> > Sorry, but this sounds completely wrong.
> i raised the issue already last week but got no response....
There is one important difference here -- strcpy requires NUL
termination of the input + size restriction of the output to work
properly. strcmp() only requires both input arguments to be properly NUL
A useful analyzer check for string operations would try to ensure that
property and complain about cases where it can't be deduced with
reasonable precision. This can be tricky, e.g. the following is
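#include <string.h>

int f(const char *s)
{
	char buf[4];	/* not shown in the message; size assumed from the memcpy length */
	size_t l = strlen(s);
	if (l < 4) return -1;
	memcpy(buf, s + l - 3, 4);	/* last three characters plus the NUL at s[l] */
	return strcmp(s, buf);
}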
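
The property discussed in the message, checked at run time: an added example, not part of the original message or of the Clang analyzer. The names `terminated_within`, `checked_strcmp` and `compare_tail` are hypothetical, and the filler bytes are constructed so the unterminated case is deterministic.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* 1 if a NUL byte occurs within the first cap bytes of buf. */
static int terminated_within(const char *buf, size_t cap)
{
	return memchr(buf, '\0', cap) != NULL;
}

/*
 * strcmp() guarded by the property it depends on (hypothetical helper).
 * Returns 0 and stores the result in *res, or -1 when either buffer has
 * no NUL inside its capacity and strcmp() would read past the end.
 */
int checked_strcmp(const char *a, size_t acap,
		   const char *b, size_t bcap, int *res)
{
	if (!terminated_within(a, acap) || !terminated_within(b, bcap))
		return -1;
	*res = strcmp(a, b);
	return 0;
}

/*
 * Tail copy as in the message. n == 4 copies the last three characters
 * plus the terminator at s[l]; any smaller n leaves buf unterminated.
 * s itself is assumed to be NUL-terminated.
 */
int compare_tail(const char *s, size_t n, int *res)
{
	char buf[4];
	size_t l = strlen(s);

	if (l < 4 || n > sizeof(buf))
		return -1;
	memset(buf, 'A', sizeof(buf));	/* constructed filler: no stray NUL */
	memcpy(buf, s + l - 3, n);
	return checked_strcmp(s, l + 1, buf, sizeof(buf), res);
}

int main(void)
{
	int r = 0;
	printf("n=4: %d\n", compare_tail("abcdef", 4, &r)); /* terminated */
	printf("n=3: %d\n", compare_tail("abcdef", 3, &r)); /* rejected */
	return 0;
}
```

Replacing `strcmp()` with `strncmp()` in `checked_strcmp` would not change which inputs are safe; only the termination check tied to each buffer's capacity does.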