Why is this an issue?
Array overruns and buffer overflows happen when a memory access accidentally goes beyond the boundary of the allocated array or buffer. These
overreaching accesses cause some of the most damaging and hard-to-track defects.
When the buffer overflow happens while reading a buffer, it can expose sensitive data that happens to be located next to the buffer in memory. When
it happens while writing a buffer, it can be used to inject code or to wipe out sensitive memory.
This rule detects when a POSIX function takes one argument that is a buffer and another one that represents the size of the buffer, but the two
arguments do not match.
Noncompliant code example
char array[10];
initialize(array);
void *pos = memchr(array, '@', 42); // Noncompliant, buffer overflow that could expose sensitive data
Compliant solution
char array[10];
initialize(array);
void *pos = memchr(array, '@', 10);
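As an added example (not part of the rule text or SonarSource's own code), the following C shows two defensive patterns for keeping the buffer and size arguments in agreement: deriving the length from the array itself with sizeof, and a hypothetical bounded_memchr wrapper that clamps a caller-supplied length to the buffer's real capacity and reports that it did so.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper, not part of the rule or of any library: searches at
 * most `cap` bytes of `buf` for `c`. A request longer than the real capacity
 * is clamped and flagged via *truncated instead of over-reading like a raw
 * memchr(array, '@', 42) on a 10-byte array would. */
const void *bounded_memchr(const void *buf, size_t cap, int c, size_t n,
                           int *truncated)
{
    if (truncated) {
        *truncated = 0;
    }
    if (buf == NULL) {
        return NULL;
    }
    if (n > cap) {          /* caller asked for more bytes than exist */
        if (truncated) {
            *truncated = 1;
        }
        n = cap;            /* never scan past the allocation */
    }
    return memchr(buf, c, n);
}

/* Returns the byte offset of the first '@' in a fixed 10-byte array, or -1.
 * The length is taken from the array with sizeof, so the two arguments
 * cannot drift apart the way the hard-coded 42 in the noncompliant example
 * does. */
long find_at_sign(void)
{
    char array[10] = "user@host"; /* constructed sample: 9 chars plus NUL */
    const char *pos = memchr(array, '@', sizeof array);
    return pos ? (long)(pos - array) : -1;
}
```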
Exceptions
Functions related to sockets that use the type socklen_t are not checked. These functions rely on a C-style polymorphic pattern based on union, which deliberately mismatches the allocated memory and the sizes of the structures involved, and checking them would create false positives.
Resources