
New Published Rules - dannytheway_personal.unbounded-copy-to-stack-buffer #3781

Open
semgrep-dev-pr-bot[bot] wants to merge 2 commits into develop from semgrep-live-boL4Z

Conversation

@semgrep-dev-pr-bot (Contributor)

Wahoo! New published rules with dannytheway_personal.unbounded-copy-to-stack-buffer from @dannytheway.

See semgrep.dev/s/boL4Z for more details.

Thanks for your contribution! ❤️

void foo() {
    char buf[64];
    // ruleid: unbounded-copy-to-stack-buffer
    gets(buf);
}

Semgrep identified an issue in your code:
The gets() function reads a line from stdin into the provided buffer until either a terminating newline or EOF. This terminating newline or EOF is replaced with a null byte '\0'. No check for buffer overruns is performed, so it is recommended to use fgets() instead. Do note that some platforms will continue reading data after a '\0' is encountered.

Usage of fgets() is not recommended for reading binary-based files or inputs; instead, the read or fread functions should be used.

For more information please see: https://linux.die.net/man/3/fgets

To resolve this comment:

🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

  • /fp <comment> for false positive
  • /ar <comment> for acceptable risk
  • /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by _getts-1.

You can view more details about this finding in the Semgrep AppSec Platform.

void test_001() {
    char buf[BUFFER_SIZE];
    // ruleid: unbounded-copy-to-stack-buffer
    if (gets(buf) == NULL) {
[Semgrep bot comment identical to the one above, on finding _getts-1]

@semgrep-zcs-prod-semgrep

Semgrep found 17 unbounded-copy-to-stack-buffer findings:

The function sscanf does not impose any size limitation on what it writes to buf. That may lead to a stack buffer overflow if there is no validation of the size of the input.
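The two fixes the bot comments in this thread point at, gets() replaced by a length-checked fgets() wrapper and sscanf() given an explicit field width derived from the destination size, as an added C example. This is not code from the PR or from the semgrep-rules repository; the names read_line_bounded, parse_word_bounded, scan_lines_bounded and first_word_is are assumptions for illustration, and the self-test helpers feed constructed input through fmemopen(). Beyond the plain fgets() swap, the wrapper also handles the case the comment leaves open: a line longer than the buffer is reported as truncated and the rest of it is drained, so the next read does not silently treat the overflow as a new line.

```c
#define _POSIX_C_SOURCE 200809L /* exposes fmemopen(), used only by the self-test helper */
#include <limits.h>
#include <stdio.h>
#include <string.h>

enum line_status { LINE_OK = 0, LINE_TRUNCATED = 1, LINE_EOF = 2 };

/* Bounded replacement for gets(buf): reads at most size-1 bytes into buf and
 * always NUL-terminates. The trailing newline is stripped so the caller sees
 * the same string gets() would have produced. When a line does not fit, the
 * rest of it is drained so the next call starts on the next line instead of
 * treating the leftover bytes as a fresh line. */
enum line_status read_line_bounded(char *buf, size_t size, FILE *in) {
    if (buf == NULL || size == 0) return LINE_EOF;
    int n = size > (size_t)INT_MAX ? INT_MAX : (int)size; /* fgets() takes an int */
    if (fgets(buf, n, in) == NULL) {
        buf[0] = '\0';
        return LINE_EOF;
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return LINE_OK;
    }
    /* No newline in buf: the input ended without one, the line filled the
     * buffer exactly, or the line was longer than the buffer. Peek to decide. */
    int c = getc(in);
    if (c == EOF || c == '\n') return LINE_OK;
    while (c != '\n' && c != EOF) c = getc(in); /* discard the overflow */
    return LINE_TRUNCATED;
}

/* Bounded replacement for sscanf(input, "%s", out): the field width is derived
 * from the destination size, so sscanf() writes at most out_size-1 characters
 * plus the terminator. Returns 1 when a word was parsed, 0 otherwise. */
int parse_word_bounded(const char *input, char *out, size_t out_size) {
    char fmt[32];
    if (input == NULL || out == NULL || out_size < 2) return 0;
    out[0] = '\0';
    /* Produces e.g. "%63s" for a 64-byte buffer; the width excludes the NUL. */
    snprintf(fmt, sizeof fmt, "%%%zus", out_size - 1);
    return sscanf(input, fmt, out) == 1;
}

/* Self-test helper over constructed input (not data from the PR): reads every
 * line of text through read_line_bounded() with an 8-byte buffer and records
 * the line count, how many lines were cut, and the first line as returned. */
struct line_stats { int lines; int truncated; char first[8]; };

struct line_stats scan_lines_bounded(const char *text) {
    struct line_stats st = { 0, 0, "" };
    char buf[8];
    FILE *in = fmemopen((void *)text, strlen(text), "r");
    if (in == NULL) return st;
    enum line_status s;
    while ((s = read_line_bounded(buf, sizeof buf, in)) != LINE_EOF) {
        if (st.lines == 0) memcpy(st.first, buf, sizeof buf);
        st.lines++;
        if (s == LINE_TRUNCATED) st.truncated++;
    }
    fclose(in);
    return st;
}

/* Self-test helper: parses the first word of input into an 8-byte buffer and
 * reports whether it equals expected. */
int first_word_is(const char *input, const char *expected) {
    char out[8];
    if (!parse_word_bounded(input, out, sizeof out)) return 0;
    return strcmp(out, expected) == 0;
}

/* Interactive use: the same pattern the rule's fix recommends, applied to stdin. */
int main(void) {
    char line[64];
    enum line_status st = read_line_bounded(line, sizeof line, stdin);
    if (st == LINE_EOF) return 1;
    printf("%s%s\n", line, st == LINE_TRUNCATED ? " [line was cut to fit the buffer]" : "");
    return 0;
}
```

The width in the sscanf() format is the part the rule is looking for: "%s" with no width is exactly as unbounded as gets(), while "%63s" into a 64-byte buffer cannot overrun it. The fgets() wrapper deliberately distinguishes an exact fit (seven characters plus a newline in an 8-byte buffer) from a real overflow, since a naive "no newline seen" check would flag the former as truncation.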
