Use of Potentially Dangerous Function |
Weakness ID: 676 (Weakness Base) | Status: Draft |
Description Summary
Example 1
The following code attempts to create a local copy of a buffer to perform some manipulations to the data.
However, the programmer does not ensure that the size of the data pointed to by string will fit in the local buffer and blindly copies the data with the potentially dangerous strcpy() function. This may result in a buffer overflow condition if an attacker can influence the contents of the string parameter.
Ordinality | Description |
---|---|
Primary | (where the weakness exists independent of other weaknesses) |
Nature | Type | ID | Name | View(s) this relationship pertains to![]() |
---|---|---|---|---|
ChildOf | ![]() | 398 | Indicator of Poor Code Quality | Development Concepts (primary)699 Research Concepts (primary)1000 |
ChildOf | ![]() | 738 | CERT C Secure Coding Section 04 - Integers (INT) | Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734 |
ChildOf | ![]() | 743 | CERT C Secure Coding Section 09 - Input Output (FIO) | Weaknesses Addressed by the CERT C Secure Coding Standard734 |
ChildOf | ![]() | 746 | CERT C Secure Coding Section 12 - Error Handling (ERR) | Weaknesses Addressed by the CERT C Secure Coding Standard734 |
ParentOf | ![]() | 785 | Use of Path Manipulation Function without Maximum-sized Buffer | Research Concepts (primary)1000 |
This weakness is different than CWE-242 (Use of Inherently Dangerous Function). CWE-242 covers functions with such significant security problems that they can never be guaranteed to be safe. Some functions, if used properly, do not directly pose a security risk, but can introduce a weakness if not called correctly. These are regarded as potentially dangerous. A well-known example is the strcpy() function. When provided with a destination buffer that is larger than its source, strcpy() will not overflow. However, it is so often misused that some developers prohibit strcpy() entirely. |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
7 Pernicious Kingdoms | Dangerous Functions | ||
CERT C Secure Coding | ERR07-C | Prefer functions that support error checking over equivalent functions that don't | |
CERT C Secure Coding | FIO01-C | Be careful using functions that use file names for identification | |
CERT C Secure Coding | INT06-C | Use strtol() or a related function to convert a string token to an integer |
[REF-11] M. Howard and D. LeBlanc. "Writing Secure Code". Chapter 5, "Safe String Handling" Page 156, 160. 2nd Edition. Microsoft. 2002. |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
7 Pernicious Kingdoms | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Sean Eidemiller | Cigital | External | |
added/updated demonstrative examples | ||||
2008-07-01 | Eric Dalci | Cigital | External | |
updated Potential Mitigations, Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Applicable Platforms, Relationships, Other Notes, Taxonomy Mappings, Weakness Ordinalities | ||||
2008-11-24 | CWE Content Team | MITRE | Internal | |
updated Relationships, Taxonomy Mappings | ||||
2009-07-27 | CWE Content Team | MITRE | Internal | |
updated Relationships |