Module BufferWrite
- name: CWE-120
- description: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’).
- kind: problem
- problem.severity: recommendation
Import path
import semmle.code.cpp.security.BufferWrite
Imports
Buffer | |
Scanf | A library for dealing with scanf-like formatting strings. This is similar to printf.qll but the format specification for scanf is quite different. |
Strcat | Provides implementation classes modeling |
Strcpy | Provides implementation classes modeling |
cpp | Provides classes and predicates for working with C/C++ code. |
Classes
BufferWrite | An operation that writes a variable amount of data to a buffer (strcpy, strncat, sprintf etc). |
BufferWriteCall | A |
GetsBW | A call to a variant of |
RealpathBW | A call to |
ScanfBW | A string that is written by a |
SnprintfBW | A call to a variant of |
SprintfBW | A call to a variant of |
StrCatBW | A call to a variant of |
StrCopyBW | A call to a variant of |