
CWE Rule 475

Undefined Behavior for Input to API

Since R2024a

Description

Rule Description

The behavior of this function is undefined unless its control parameter is set to a specific value.

Polyspace Implementation

The rule checker checks for Copy of overlapping memory.

Examples


Issue

This issue occurs when there is a memory overlap between the source and destination arguments of a copy function such as memcpy or strcpy. For instance, the source and destination arguments of strcpy are pointers to different elements in the same string.

Risk

If there is memory overlap between the source and destination arguments of copy functions, according to C standards, the behavior is undefined.

Fix

Determine if the memory overlap is what you want. If so, find an alternative function. For instance:

  • If you are using memcpy to copy values from one memory location to another, use memmove instead of memcpy.

  • If you are using strcpy to copy one string to another, use memmove instead of strcpy, as follows:

    s = strlen(source);
    memmove(destination, source, s + 1);

    strlen determines the string length without the null terminator. Therefore, you must move s+1 bytes instead of s bytes.

Example — Overlapping Copy
#include <string.h>

char str[] = {"ABCDEFGH"};

void my_copy() {
    strcpy(&str[0],(const char*)&str[2]); //Noncompliant
}

In this example, because the source and destination arguments are pointers to the same string str, there is memory overlap between their allowed buffers.
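
The fix described above, applied to this example; this is an added example and not code from the Polyspace documentation. The helper names regions_overlap and copy_string_overlap_safe, the capacity parameter, and the 16-byte buffer are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: returns 1 if [dst, dst+n) and [src, src+n) share a byte.
 * Assumes a flat address space so pointers compare meaningfully as uintptr_t. */
int regions_overlap(const void *dst, const void *src, size_t n)
{
    uintptr_t d = (uintptr_t)dst;
    uintptr_t s = (uintptr_t)src;
    if (n == 0)
        return 0;
    return (d < s) ? (s - d < n) : (d - s < n);
}

/* Hypothetical strcpy replacement that is defined for overlapping buffers.
 * dst_cap is the number of writable bytes at dst.
 * Returns 0 on success, -1 if the string and its terminator do not fit. */
int copy_string_overlap_safe(char *dst, size_t dst_cap, const char *src)
{
    size_t n = strlen(src) + 1;      /* s + 1: include the null terminator */
    if (n > dst_cap)
        return -1;                   /* refuse rather than write out of bounds */
    memmove(dst, src, n);            /* memmove handles either overlap direction */
    return 0;
}

int main(void)
{
    char str[16] = "ABCDEFGH";       /* constructed sample buffer */

    /* Same arguments as the noncompliant strcpy call: the regions overlap. */
    printf("overlap: %d\n", regions_overlap(&str[0], &str[2], strlen(&str[2]) + 1));

    /* Shift left: destination precedes source. */
    if (copy_string_overlap_safe(&str[0], sizeof str, &str[2]) == 0)
        printf("left:  %s\n", str);

    /* Shift right: destination follows source, within remaining capacity. */
    if (copy_string_overlap_safe(&str[2], sizeof str - 2, &str[0]) == 0)
        printf("right: %s\n", str);
    return 0;
}
```

The length is computed before the move, so the result is well defined even when the copy overwrites the source's original terminator.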

Check Information

Category: API / Function Errors

Version History

Introduced in R2024a