Bug Summary

File:example1.c
Warning:line 13, column 5
Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -triple x86_64-unknown-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name example1.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -mrelocation-model static -mthread-model posix -mdisable-fp-elim -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -resource-dir /opt/qses/clang9/lib/clang/9.0.0 -internal-isystem /usr/local/include -internal-isystem /opt/qses/clang9/lib/clang/9.0.0/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -Wno-deprecated-declarations -std=c99 -fdebug-compilation-dir /home/qsesdcc_gmail_com/lab4code -ferror-limit 19 -fmessage-length 0 -fobjc-runtime=gcc -fdiagnostics-show-option -analyzer-checker security -analyzer-checker security.insecureAPI.gets -analyzer-output=html -faddrsig -o /home/qsesdcc_gmail_com/lab4code/static_analysis/2019-11-07-110128-1986-1 -x c example1.c
1#include <stdlib.h>
2#include <stdio.h>
3#include <string.h>
4#include <bsd/string.h>
5
6int main(int argc, char** argv) {
7 --argc; ++argv;
8
9 // Buffer for name (capacity: 9 chars + '\0' terminator)
10 char name[10];
11
12 if (argc != 0) {
13 strcpy(name, argv[0]);
Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
14 // Also problematic:
15 // sscanf(argv[0], "%s", name);
16 } else {
17 gets(name);
18 // Also problematic:
19 // scanf("%s", name);
20 }
21 // Format string vulnerability
22 printf(name);
23 printf(", you are welcome!\n");
24 return 0;
25}
26
27