Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Security Issue #11

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add Security Issue #11

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions archive/c/c-plus-plus/linear-search.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,9 @@
int numberLength = strlen(argv[1]);
int keyLength = strlen(argv[1]);

if (numberLength == 0 || keyLength == 0)
int myKeyLength = strlen(argv[1]);

Check notice on line 19 in archive/c/c-plus-plus/linear-search.cpp

View check run for this annotation

Codacy Production / Codacy Static Code Analysis

archive/c/c-plus-plus/linear-search.cpp#L19 

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).

Check notice on line 19 in archive/c/c-plus-plus/linear-search.cpp

View check run for this annotation

Codacy Development / Codacy Static Code Analysis

archive/c/c-plus-plus/linear-search.cpp#L19 

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).

Check failure on line 19 in archive/c/c-plus-plus/linear-search.cpp

View check run for this annotation

Codacy Development / Codacy Static Code Analysis

archive/c/c-plus-plus/linear-search.cpp#L19 

The `strlen` family of functions does not handle strings that are not null terminated.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ℹ️ Codacy found a minor Best Practice issue: The strlen family of functions does not handle strings that are not null terminated.

The issue in the line int myKeyLength = strlen(argv[1]); is that the strlen function is used to determine the length of a string, but it relies on the string being null-terminated. If the string is not null-terminated, using strlen can lead to undefined behavior.

To fix this issue, we can replace the usage of strlen with the std::string member function length(), which correctly handles strings that are not null-terminated.

Suggested change
int myKeyLength = strlen(argv[1]);
int myKeyLength = argv[1].length();

This comment was generated by an experimental AI tool.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ℹ️ Codacy found a minor Security issue: The strlen family of functions does not handle strings that are not null terminated.

The issue identified by the Semgrep linter is that the strlen function expects a null-terminated string to correctly calculate its length. If argv[1] is not null-terminated, strlen will read out of bounds, leading to undefined behavior and potential security vulnerabilities such as buffer overflows.

To fix this issue, we should ensure that argv[1] is null-terminated before passing it to strlen. However, in this context, we should also ensure that the input is valid and properly formatted. A more robust approach would be to use std::string which handles null-termination internally.

Here's the single line change to convert argv[1] to a std::string before measuring its length:

Suggested change
int myKeyLength = strlen(argv[1]);
int numberLength = std::string(argv[1]).length();

This ensures that we are working with a proper C++ string object which manages null-termination and length calculation safely.

This comment was generated by an experimental AI tool.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ℹ️ Codacy found a minor Security issue: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).

The issue identified by Flawfinder is that strlen(argv[1]) does not handle strings that are not null-terminated. If argv[1] is not properly null-terminated, calling strlen on it can result in an over-read, potentially causing a crash or other undefined behavior.

To fix this issue, we should ensure that argv[1] is a valid C-style string before calling strlen on it. However, since argv elements should always be null-terminated strings as per the C standard, the more likely problem is that the wrong argument is being referenced multiple times incorrectly. The keyLength and myKeyLength should actually reference argv[2] instead of argv[1].

Here's the code suggestion to fix the issue:

Suggested change
int myKeyLength = strlen(argv[1]);
int keyLength = strlen(argv[2]);

This comment was generated by an experimental AI tool.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Codacy found a critical Security issue: The strlen family of functions does not handle strings that are not null terminated.

The issue identified by the Semgrep linter is that the strlen function is being used on argv[1], which is a C-style string (character array). If this string is not null-terminated, strlen may read beyond the bounds of the string, leading to undefined behavior or potential security vulnerabilities.

To fix this issue, we can use the std::string class, which provides a safer way to handle strings in C++. Instead of using strlen, we can directly use the size() method of std::string, which is safe and accounts for the actual size of the string.

Here is the suggested change:

Suggested change
int myKeyLength = strlen(argv[1]);
int myKeyLength = strlen(argv[2]);

This comment was generated by an experimental AI tool.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ℹ️ Codacy found a minor Security issue: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).

The issue identified by Flawfinder is that the code uses strlen on argv[1], which is a C-style string (character array). If argv[1] is not properly null-terminated, strlen may read beyond the bounds of the array, leading to undefined behavior, including potential crashes. This is particularly concerning when dealing with input from command-line arguments, as the input may not always be sanitized or guaranteed to be null-terminated.

To fix this issue, we can use the std::string constructor that takes a char* and a length, which allows us to safely convert the input to a std::string without relying on null termination.

Here's the code suggestion to fix the issue:

Suggested change
int myKeyLength = strlen(argv[1]);
int myKeyLength = strlen(argv[2]);

This comment was generated by an experimental AI tool.


if (numberLength == 0 || keyLength == 0|| myKeyLength == 0)
{
cout << error << endl;
return 1;
Expand Down Expand Up @@ -53,4 +55,4 @@
{
cout << "false";
}
}
}