Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarLint
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarCloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube

C++ static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C++ code

"scanf()" and "fscanf()" format strings should specify a field width for the "%s" string placeholder

intentionality - complete

security

Vulnerability

CriticalSonarSource default severity
click to learn more

The %s format specifier is used to read a string into a buffer. If the input string exceeds the size of this buffer, a buffer overflow can occur.

Why is this an issue?

How can I fix it?

More Info

By default, there is no limit on the length of the string being read. The scanf family of functions will continue to read characters into the buffer until they encounter a whitespace character.

If the input contains a string that is long enough and lacks whitespace characters, it can result in memory beyond the end of the buffer being overwritten. This situation is known as a buffer overflow vulnerability.

What is the potential impact?

An attacker could exploit this vulnerability to overwrite memory used by the application. This could result in the modification of application data, unexpected behavior, or even cause the application to become unstable or crash. In some cases, the attacker might also gain control over the execution flow of the application, leading to arbitrary code execution.

Available In:

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Developer
Edition

In-IDE

SaaS

Self-Hosted