Use of insecure gets() function with no bounds checking

Description

The gets() function is always unsafe because it does not perform bounds checking on the size of its input. An attacker can easily send arbitrarily-sized input to gets() and overflow the destination buffer.

Rationale

The gets() function is always unsafe because it does not perform bounds checking on the size of its input. An attacker can easily send arbitrarily-sized input to gets() and overflow the destination buffer.

The following code illustrates a vulnerable pattern detected by this rule:

void get_string()
{
	char buf[BUFSIZE];

	// VULNERABLE: Use of insecure gets() function with no bounds checking
	gets(buf);
}

Remediation

Follow secure coding practices and review the references below for detailed remediation guidance.

Configuration

This detector does not need any configuration.

References

CWE-242
OWASP Top 10 2021 - A06 : Vulnerable and Outdated Components.
https://cwe.mitre.org/data/definitions/120
CERTC-MSC24-C
CERTC-POS33-C