Module BufferWrite
- name: CWE-120
- description: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’).
- kind: problem
- problem.severity: recommendation
Import path
import semmle.code.cpp.security.BufferWrite
Imports
Buffer | |
Scanf | A library for dealing with scanf-like formatting strings. This is similar to printf.qll but the format specification for scanf is quite different. |
Strcat | Provides implementation classes modeling |
Strcpy | Provides implementation classes modeling |
cpp | Provides classes and predicates for working with C/C++ code. |
Classes
BufferWrite | An operation that writes a variable amount of data to a buffer (strcpy, strncat, sprintf etc). |
BufferWriteCall | A |
GetsBW | A call to a variant of |
RealpathBW | A call to |
ScanfBW | A string that is written by a |
SnprintfBW | A call to a variant of |
SprintfBW | A call to a variant of |
StrCatBW | A call to a variant of |
StrCopyBW | A call to a variant of |