LANG.MEM.TBA : 汚染されたバッファアクセス

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

バッファの読み込みもしくは書き込み箇所が汚染された可能性のある値によって決定されているため、バッファ外にアクセスする可能性があります。

このクラスはバッファオーバーラン, バッファアンダーラン, 型オーバーランおよび型アンダーランと類似しており、検出されたワーニングが重複する場合もありますが、一般的には異なるものです。

クラス名

Tainted Buffer Access

日本語クラス名

汚染されたバッファアクセス

クラス分類

セキュリティ (security)

ニーモニック

LANG.MEM.TBA

カテゴリー

MisraC2023	MisraC2023:18.1	A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
	MisraC2023:18.2	Subtraction between pointers shall only be applied to pointers that address elements of the same array
Misra2012	Misra2012:18.1	A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
	Misra2012:18.2	Subtraction between pointers shall only be applied to pointers that address elements of the same array
Misra2004	Misra2004:17.1	Pointer arithmetic shall only be applied to pointers that address an array or array element
	Misra2004:17.2	Pointer subtraction shall only be applied to pointers that address elements of the same array
AUTOSARC++14	AUTOSARC++14:M5-0-16	A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
	AUTOSARC++14:A27-0-1	Inputs from independent components shall be validated.
MisraC++2008	MisraC++2008:5-0-16	A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
CWE	CWE:20	Improper Input Validation
	CWE:119	Improper Restriction of Operations within the Bounds of a Memory Buffer
TS17961	TS17961:5.14-nullref	5.14. Dereferencing an out-of-domain pointer
	TS17961:5.45-taintsink	5.45. Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink
CERT-C	CERT-C:ARR30-C	Do not form or use out-of-bounds pointers or array subscripts
	CERT-C:ARR37-C	Do not add or subtract an integer to a pointer to a non-array object
	CERT-C:ARR39-C	Do not add or subtract a scaled integer to a pointer
	CERT-C:EXP08-C	Ensure pointer arithmetic is used correctly
	CERT-C:INT04-C	Enforce limits on integer values originating from tainted sources
	CERT-C:INT31-C	Ensure that integer conversions do not result in lost or misinterpreted data
	CERT-C:MEM35-C	Allocate sufficient memory for an object
	CERT-C:POS30-C	Use the readlink() function properly
	CERT-C:STR38-C	Do not confuse narrow and wide character strings and functions
CERT-CPP	CERT-CPP:CTR50-CPP	Guarantee that container indices and iterators are within the valid range
	CERT-CPP:CTR52-CPP	Guarantee that library functions do not overflow
JSF++	JSF++:211	Algorithms shall not assume that shorts, ints, longs, floats, doubles or long doubles begin at particular addresses.
DISA-6r1	DISA-6r1:V-222606	The application must validate all input.
	DISA-6r1:V-222609	The application must not be subject to input handling vulnerabilities.
	DISA-6r1:V-222612	The application must not be vulnerable to overflow attacks.
DISA-5r3	DISA-5r3:V-70265	The application must validate all input.
	DISA-5r3:V-70271	The application must not be subject to input handling vulnerabilities.
	DISA-5r3:V-70277	The application must not be vulnerable to overflow attacks.
DISA-4r3	DISA-4r3:V-70265	The application must validate all input.
	DISA-4r3:V-70271	The application must not be subject to input handling vulnerabilities.
	DISA-4r3:V-70277	The application must not be vulnerable to overflow attacks.
DISA-3r10	DISA-3r10:V-6164	The designer will ensure the application validates all input.
	DISA-3r10:V-6165	The designer will ensure the application does not have buffer overflows, use functions known to be vulnerable to buffer overflows, and does not use signed values for memory allocation where permitted by the programming language.
OWASP-2017	OWASP-2017:A8	Insecure deserialization
OWASP-2021	OWASP-2021:A8	Software and data integrity failures

対応言語

C および C++ で利用可能です。

有効/無効設定

このワーニングクラスのチェックはデフォルトで有効になっています。チェックを無効にするにはプロジェクト設定ファイル（configuration file）に以下の WARNING_FILTER ルールを追加してください。

WARNING_FILTER += discard class="Tainted Buffer Access"

#include <stdio.h>

void tainted_buffer_access(){
    int c;
    char buf[10];

    c = getchar();
    if (c == EOF) {return;}
    buf[c*c] = 'a';  /* 'Tainted Buffer Access' warning issued here */ 
}

設定ファイルの以下のパラメータがこのワーニングクラスのチェックに影響します。

LANG.MEM.TBA : 汚染されたバッファアクセス

要旨

プロパティ

例

関連のある設定ファイルパラメータ