Modification of internal buffer returned from non-reentrant standard function
Function attempts to modify internal buffer returned from a nonreentrant standard function
Description
This defect occurs when the following happens:
- A nonreentrant standard function returns a pointer.
- You attempt to write to the memory location that the pointer points to.
Nonreentrant standard functions that return a non-const-qualified pointer to an internal buffer include getenv, getlogin, crypt, setlocale, localeconv, strerror and others.
Risk
Modifying the internal buffer that a nonreentrant standard function returns can cause the following issues:
- It is possible that the modification does not succeed or alters other internal data.
  For instance, getenv returns a pointer to an environment variable value. If you modify this value, you alter the environment of the process and corrupt other internal data.
- Even if the modification succeeds, it is possible that a subsequent call to the same standard function does not return your modified value.
  For instance, you modify the environment variable value that getenv returns. If another process, thread, or signal handler calls setenv, the modified value is overwritten. Therefore, a subsequent call to getenv does not return your modified value.
Fix
Avoid modifying the internal buffer using the pointer returned from the function.
Examples
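The following is an added example, not taken from the original page or from Polyspace documentation: it shows a write through the pointer that getenv returns beside the fix of copying the value into caller-owned storage first. The function names and the choice of the PATH variable are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Defect: writes through the pointer returned by getenv, editing the
 * process environment in place. Shown for contrast; never called here.
 * (Hypothetical function name.) */
void truncate_path_noncompliant(void)
{
    char *path = getenv("PATH");
    if (path != NULL) {
        char *sep = strchr(path, ':');
        if (sep != NULL)
            *sep = '\0';            /* modifies the internal buffer */
    }
}

/* Fix: copy the value into caller-owned storage and modify the copy.
 * Returns a malloc'd string with the first ':'-separated entry, or
 * NULL if the variable is unset or allocation fails. Caller frees.
 * (Hypothetical function name.) */
char *first_entry_copy(const char *name)
{
    const char *value = getenv(name);   /* treat the result as read-only */
    if (value == NULL)
        return NULL;
    size_t len = strlen(value) + 1;
    char *copy = malloc(len);
    if (copy == NULL)
        return NULL;
    memcpy(copy, value, len);
    char *sep = strchr(copy, ':');
    if (sep != NULL)
        *sep = '\0';                /* only the private copy changes */
    return copy;
}

int main(void)
{
    char *first = first_entry_copy("PATH");
    if (first != NULL) {
        printf("first entry: %s\n", first);
        printf("environment: %s\n", getenv("PATH"));  /* still intact */
        free(first);
    }
    return 0;
}
```

Assigning the result of getenv to a const char * as in first_entry_copy also lets the compiler reject accidental writes through that pointer.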
Result Information
Group: Programming
Language: C | C++
Default: Off
Command-Line Syntax: WRITE_INTERNAL_BUFFER_RETURNED_FROM_STD_FUNC
Impact: Low
Version History
Introduced in R2015b
See Also
Topics
- Interpret Bug Finder Results in Polyspace Desktop User Interface
- Interpret Bug Finder Results in Polyspace Access Web Interface (Polyspace Access)
- Address Results in Polyspace User Interface Through Bug Fixes or Justifications
- Address Results in Polyspace Access Through Bug Fixes or Justifications (Polyspace Access)