Use of Inherently Dangerous Function

ID: 242
Date: (C) 2012-05-14   (M) 2022-10-10
Type: weakness
Status: DRAFT
Abstraction Type: Base

Description

The program calls a function that can never be guaranteed to work safely.

Extended Description

Certain functions behave in dangerous ways regardless of how they are used. Functions in this category were often implemented without taking security concerns into account. The gets() function is unsafe because it does not perform bounds checking on the size of its input. An attacker can easily send arbitrarily-sized input to gets() and overflow the destination buffer. Similarly, the >> operator is unsafe to use when reading into a statically-allocated character array because it does not perform bounds checking on the size of its input. An attacker can easily send arbitrarily-sized input to the >> operator and overflow the destination buffer.
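As an added illustration of the "safe equivalent" the mitigation below calls for (this code is not part of the CWE record): a bounded replacement for gets() built on fgets(), which also handles the case a naive fgets() swap gets wrong, namely an input line longer than the buffer, where the unread tail would otherwise be consumed as the next line. The function, enum and helper names are my own, and the input text is constructed for the demo.

```c
#include <stdio.h>
#include <string.h>

/* Outcome of one bounded line read (names are illustrative). */
enum line_status { LINE_OK, LINE_TRUNCATED, LINE_EOF };

/* Bounded stand-in for gets(): reads at most size-1 bytes, always NUL-terminates,
 * strips the newline and reports a line that did not fit. The unread tail of an
 * over-long line is drained so the next call does not mistake it for a new line. */
enum line_status read_line_bounded(char *buf, size_t size, FILE *in)
{
    if (size == 0 || fgets(buf, (int)size, in) == NULL) {
        if (size > 0) buf[0] = '\0';
        return LINE_EOF;
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return LINE_OK;
    }
    /* No newline: either the buffer was too small or the final line had none. */
    int c = fgetc(in);
    if (c == EOF)
        return LINE_OK;
    while (c != '\n' && c != EOF)   /* discard the rest of the oversized line */
        c = fgetc(in);
    return LINE_TRUNCATED;
}

/* Helper: a stream over constructed text, using only ISO C tmpfile(). */
FILE *stream_from_text(const char *text)
{
    FILE *f = tmpfile();
    if (f != NULL) { fputs(text, f); rewind(f); }
    return f;
}

int main(void)
{
    char buf[8];   /* deliberately tiny so the second line cannot fit */
    FILE *in = stream_from_text("short\nthis line is far longer than eight bytes\nlast");
    enum line_status st;
    while ((st = read_line_bounded(buf, sizeof buf, in)) != LINE_EOF)
        printf("%s: \"%s\"\n", st == LINE_OK ? "ok" : "truncated", buf);
    fclose(in);
    return 0;
}
```

Embedded NUL bytes still defeat the strlen()-based newline check; if the input may contain them, use a length-tracking read such as POSIX getline() instead.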

Likelihood of Exploit: High

Applicable Platforms
Language: C
Language: C++

Time Of Introduction

  • Implementation

Common Consequences

Scope: Other
Technical Impact: Varies by context
Notes: (none)

Detection Methods
None

Potential Mitigations

Phase: Implementation, Requirements
Description: Ban the use of dangerous functions. Use their safe equivalent.

Phase: Testing
Description: Use grep or static analysis tools to spot usage of dangerous functions.

Relationships

Related CWE: CWE-242 ChildOf CWE-887 (Type: Category), View: CWE-888

Demonstrative Examples   (Details)

  1. The excerpt below calls the gets() function in C, which is inherently unsafe. (Demonstrative Example Id DX-5)

White Box Definitions
None

Black Box Definitions
None

Taxonomy Mappings

7 Pernicious Kingdoms: Dangerous Functions
CERT C Secure Coding: POS33-C, Do not use vfork()

Related CVEs (1): CVE-2021-42543

© SecPod Technologies