2

I can't solve these two warnings found by Flawfinder. Could you answer to me with an example of the correct code?

Final results:

flawfinder_exercise_old_SAL_syntax.cpp:48:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.<br>
flawfinder_exercise_old_SAL_syntax.cpp:36:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.*

This is the one in line 48:

int execute(char *buf) {
    return system(buf); // pass buf as command to be executed by the OS
}

This is the one in line 36:

void copy_data(char *buf1,
               char *buf2) {
    memcpy(buf2,buf1,STR_SIZE); 
    buf2[STR_SIZE-1] = NULL; // null terminate, just in case
}
Jabberwocky
  • 48,281
  • 17
  • 65
  • 115
ZioNick
  • 31
  • 3
  • 1
    The correct code for the `system` function, it not using it. The function is inherently unsafe because it potentially allows execution of another program out of your control. The second one with `memcpy` is also rather explicit, you don't check for any potential overflow, because the size of `buf2` is potentially unknown. But remember, these are just warnings. – Jabberwocky Mar 30 '16 at 11:33
  • Hi! Thanks for the answer! I know the things you said, but for school I have to solve this warnings and I don't know how... :( – ZioNick Mar 30 '16 at 11:35
  • For the `memcpy` case try something as `copy_data(char *buf1, char *buf2, int size) {memcpy(buf2,buf1, size); ...}`, and `copy_data(xx, yy, STR_SIZE);`. – Jabberwocky Mar 30 '16 at 11:37
  • 'copy_data' : function does not take 3 arguments Argh... – ZioNick Mar 30 '16 at 11:44
  • Yes, `copy_data` doesn't take 3 arguments, and that's exactly the problem. Are you allowed to modify the source code in order of getting rid of the warnings ? If not, you can't get rid of the warnings. – Jabberwocky Mar 30 '16 at 11:46
  • Oh, ok ok... Yes, it is allowed, but I don't know how to do. – ZioNick Mar 30 '16 at 11:49
  • 1
    Well, then it's about time to learn the basics of the C language. – Jabberwocky Mar 30 '16 at 11:50
  • Thanks to your answer... I'll do it... :) – ZioNick Mar 30 '16 at 11:52
  • @Jabberwocky How the `copy_data` function solves the warning? doesn't it just move the warning to some other place? – alfC Dec 03 '21 at 11:38
  • Does this answer your question? [A flaw reported by Flawfinder, but I don't think it makes sense](https://stackoverflow.com/questions/59293533/a-flaw-reported-by-flawfinder-but-i-dont-think-it-makes-sense) – BoP Dec 03 '21 at 13:26

0 Answers0