Direct write into stack buffer may cause stack-based buffer overflow

ID

c.buffer_overflow.write_into_stack_buffer

Severity

low

Resource

Buffer Overflow

Language

C / C++

Description

The software directly writes into a stack buffer. This might lead to a stack-based buffer overflow.

Rationale

Fixed-size buffers on the stack sit next to other stack data, including saved registers and the return address of the enclosing function. A write whose length is driven by the input rather than by the buffer's actual size can run past the end of the buffer and overwrite that data, which is the classic stack-based buffer overflow. This rule flags direct writes into such buffers so that each one can be checked for a bound that is tied to the buffer's real size.

The following code illustrates a vulnerable pattern detected by this rule:

#include <stdio.h>

#define BUFSIZE 64

void copy_input(const char *string)
{
    char buf[BUFSIZE];   /* fixed-size buffer on the stack: the target of the write */

    // VULNERABLE: Direct write into stack buffer may cause stack-based buffer overflow
    snprintf(buf, BUFSIZE, "%s", string);
}
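The hardened counterpart of the pattern above, as an added example that is not part of this rule's documentation or of the detector itself: the write is bounded by `sizeof buf` rather than by a separately maintained constant, and the return value of `snprintf` is checked so that truncation is reported instead of silently accepted. The function name `format_into_stack_buffer`, the `fmt_status` codes, the 16-byte `BUFSIZE` and the sample inputs are all constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Small on purpose so that truncation is easy to trigger in the demo. */
#define BUFSIZE 16

/* Outcome of format_into_stack_buffer(); hypothetical names for this example. */
enum fmt_status { FMT_OK = 0, FMT_TRUNCATED = 1, FMT_ERROR = -1 };

/*
 * Format "user=<name>" into a fixed-size stack buffer, then copy the result
 * into the caller's buffer `out` (of `outlen` bytes).
 *
 * Defensive points:
 *  - the bound passed to snprintf is sizeof buf, so it cannot drift away from
 *    the real buffer size the way a hand-maintained constant can;
 *  - snprintf returns the length the full output WOULD have had, so a value
 *    >= sizeof buf means the output was cut short (still NUL-terminated);
 *  - a negative return is an encoding/format error and is reported as such.
 * An unbounded sprintf(buf, "user=%s", name) here would write past `buf`
 * for any name longer than BUFSIZE - 6 bytes.
 */
enum fmt_status format_into_stack_buffer(const char *name, char *out, size_t outlen)
{
    char buf[BUFSIZE];   /* stack buffer: the target of the bounded write */

    if (name == NULL || out == NULL || outlen == 0)
        return FMT_ERROR;

    int n = snprintf(buf, sizeof buf, "user=%s", name);
    if (n < 0)
        return FMT_ERROR;

    /* Hand the (possibly truncated) string to the caller, again bounded. */
    snprintf(out, outlen, "%s", buf);

    return ((size_t)n >= sizeof buf) ? FMT_TRUNCATED : FMT_OK;
}

int main(void)
{
    char out[32];
    /* Constructed sample inputs: one that fits, one that does not. */
    const char *samples[] = { "alice", "averyveryverylongname" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        enum fmt_status st = format_into_stack_buffer(samples[i], out, sizeof out);
        printf("%-22s -> status %d, buffer \"%s\"\n", samples[i], (int)st, out);
    }
    return 0;
}
```

Running the block prints `FMT_OK` (0) for the short name and `FMT_TRUNCATED` (1) for the long one, with the second buffer holding only the first 15 characters of the intended output; a caller that treats any non-zero status as a failure never acts on a silently shortened string.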

Remediation

Bound every write by the buffer's real size (for example `sizeof buf` rather than a separately maintained constant), prefer length-checked functions such as snprintf over sprintf, strcpy and strcat, check their return values for truncation, and where the data has no reasonable upper bound allocate it on the heap instead of the stack. Follow secure coding practices and review the references below for detailed remediation guidance.

Configuration

This detector does not need any configuration.