C and C++

LANG.MEM.TO : 型オーバーラン

要旨

構造体の中の型境界をオーバーランしています。

プロパティ

クラス名 Type Overrun
日本語クラス名 型オーバーラン
クラス分類 セキュリティ (security)
ニーモニック LANG.MEM.TO
カテゴリー
MisraC2023 MisraC2023:1.3 There shall be no occurrence of undefined or critical unspecified behaviour
  MisraC2023:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  MisraC2023:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
  MisraC2023:21.17 Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters
  MisraC2023:D.4.1 Run-time failures shall be minimized
Misra2012 Misra2012:1.3 There shall be no occurrence of undefined or critical unspecified behaviour
  Misra2012:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  Misra2012:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
  Misra2012:21.17 Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters
  Misra2012:D.4.1 Run-time failures shall be minimized
Misra2004 Misra2004:17.1 Pointer arithmetic shall only be applied to pointers that address an array or array element
  Misra2004:17.2 Pointer subtraction shall only be applied to pointers that address elements of the same array
AUTOSARC++14 AUTOSARC++14:M5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
  AUTOSARC++14:A5-2-5 An array or container shall not be accessed beyond its range.
MisraC++2008 MisraC++2008:5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
CWE CWE:119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CERT-C CERT-C:ARR30-C Do not form or use out-of-bounds pointers or array subscripts
  CERT-C:ARR37-C Do not add or subtract an integer to a pointer to a non-array object
  CERT-C:ARR39-C Do not add or subtract a scaled integer to a pointer
  CERT-C:ENV01-C Do not make assumptions about the size of an environment variable
  CERT-C:EXP08-C Ensure pointer arithmetic is used correctly
  CERT-C:MEM35-C Allocate sufficient memory for an object
  CERT-C:STR31-C Guarantee that storage for strings has sufficient space for character data and the null terminator
CERT-CPP CERT-CPP:CTR50-CPP Guarantee that container indices and iterators are within the valid range
  CERT-CPP:STR50-CPP Guarantee that storage for strings has sufficient space for character data and the null terminator
JSF++ JSF++:211 Algorithms shall not assume that shorts, ints, longs, floats, doubles or long doubles begin at particular addresses.
OWASP-2017 OWASP-2017:A8 Insecure deserialization
OWASP-2021 OWASP-2021:A8 Software and data integrity failures
対応言語 C および C++ で利用可能です。
有効/無効設定 このワーニングクラスのチェックはデフォルトで有効になっています。チェックを無効にするにはプロジェクト設定ファイル (configuration file)に以下の WARNING_FILTER ルールを追加してください。 
WARNING_FILTER += discard class="Type Overrun"

可能性のあるカテゴリ

CWE:843 Access of Resource Using Incompatible Type ('Type Confusion') 

struct {
    int ssn;
    char name[20];
    int grades[50];
} record;

void lang_mem_to(char c){
  record.name[20] = c;    /* 'Type Overrun' warning issued here */
}

関連のある設定ファイルパラメータ

設定ファイルの以下のパラメータがこのワーニングクラスのチェックに影響します。