Name: Use of potentially dangerous function
This rule finds calls to functions that are dangerous to use. Currently, it checks for calls to
gmtime. See Related rules below for rules that identify other dangerous functions.
gets function is one of the vulnerabilities exploited by the Internet Worm of 1988, one of the first computer worms to spread through the Internet. The
gets function provides no way to limit the amount of data that is read and stored, so without prior knowledge of the input it is impossible to use it safely with any size of buffer.
gmtime function fills ,
The time related functions such as
gmtime fill data into a
tm struct or
char array in shared memory and then returns a pointer to that structmemory. If the function is called from multiple places in the same program, and especially if it is called from multiple threads in the same program, then the calls will overwrite each other's data.
Replace calls to
fgets, specifying the maximum length to copy. This will prevent the buffer overflow.Replace calls to
gmtime_r, the application code manages allocation of the
tm struct. That way, separate calls to the function can use their own storage.
Similarly replace calls to
localtime_r, calls to
ctime_r and calls to
The following example checks the local time in two ways:
The first version uses
gmtime, so it is vulnerable to its data being overwritten by another thread. Even if this code is not used in a multi-threaded context right now, future changes may make the program multi-threaded. The second version of the code uses
gmtime_r. Since it allocates a new
tm struct on every call, it is immune to other calls to
Other dangerous functions identified by CWE-676 ("Use of Potentially Dangerous Function") include
strcat. Use of these functions is highlighted by rules for the following CWEs:
- CWE-120 Classic Buffer Overflow
- CWE-131 Incorrect Calculation of Buffer Size
- Wikipedia: Morris worm.
- E. Spafford. The Internet Worm Program: An Analysis. Purdue Technical Report CSD-TR-823, (online), 1988.
- SEI CERT C Coding Standard: CON33-C. Avoid race conditions when using library functions.
- Common Weakness Enumeration: CWE-242676.