Banned C function detected (strcpy)

Summary

Use of the strcpy function to copy a string can lead to a buffer overrun vulnerability.
Use secure versions such as strcpy_s to help prevent buffer overruns.

Details

The strcpy function does not check for sufficient space in the destination buffer. This is a potential cause of a buffer overrun vulnerability. A buffer overflow will occur if the source is larger than the destination.

Solution

Use secure versions such as strcpy_s to help prevent buffer overruns.

Severity Considerations

In the worst case, a buffer overrun vulnerability can provide an attacker the ability to execute arbitrary code leading to complete system compromise.

References

Microsoft Learn: strcpy_s
Avoiding Buffer Overruns
OWASP: Buffer Overflow

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

DS185832.md

DS185832.md

Banned C function detected (strcpy)

Summary

Details

Solution

Severity Considerations

References

Files

DS185832.md

Latest commit

History

DS185832.md

File metadata and controls

Banned C function detected (strcpy)

Summary

Details

Solution

Severity Considerations

References