In this section:
This error is generated whenever a block of memory indicated by a pointer will be written outside its valid range.
|
This code attempts to copy a string into the array a, which is not large enough.
/*
* File: writover.c
*/
main()
{
int junk;
char a[10];
strcpy(a, "A simple test");
return (0);
} |
Another problem includes writovr2.c. A diagnosis similar to the one that follows applies.
[writover.c:9] **WRITE_OVERFLOW** >> strcpy(a, "A simple test"); Writing overflows memory: <argument 1> ---- Associated Common Weakness Enumerations ---- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer copy without checking size of input CWE-788: Access of memory location after end of buffer CWE-787: Out-of-bounds write CWE-170: Improper NULL termination bbbbbbbbbb | 10 | 4 | wwwwwwwwwwwwwwww Writing (w): 0xf7fffafc thru 0xf7fffb09 (14 bytes) To block (b): 0xf7fffafc thru 0xf7fffb05 (10 bytes) a, declared at writover.c, 7 Stack trace where the error occurred: strcpy () (interface) main() writover.c, 9 |
This error often occurs when working with strings. In most cases, a simple fix is to increase the size of the destination object.
The table below shows Common Weakness Enumerations associated with this error.
| CWE | Description |
|---|---|
| CWE-119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
| CWE-120 | Buffer copy without checking size of input |
| CWE-788 | Access of memory location after end of buffer |
| CWE-787 | Out-of-bounds write |
| CWE-170 | Improper NULL termination |
