char tmp[] = "hello world";
char *line;
size_t sz;

sz = strlen(tmp) +1;
line = (char*)malloc(sz);

if (line)
    memset(line, 0x00, sz);

Using a tool called Fortify, it flags the memset as a Buffer Overflow. Anyone know why?

  • Give the exact and complete error. Maybe it's complaining because the code does not check for malloc failure. Commented Aug 19, 2021 at 1:11
  • The memset call seems fine, but malloc()'s return value should be checked, as kaylum said. Also, you probably wanted to allocate sz + 1 bytes unless you want unexpected behavior (remember that C strings are NUL-terminated) or unless line will be shorter than tmp. P.S.: casting malloc() to char* (or whatever specific pointer type) is discouraged. Commented Aug 19, 2021 at 1:28
  • There is no error. Fortify is a tool to alert you of security flaws in your code. A potential for someone to exploit your code. The exploit here is buffer overflow. Commented Aug 19, 2021 at 4:01
  • I mean, show the full message from fortify. Commented Aug 19, 2021 at 4:19
  • @AdamJones The reason why Fortify is telling you that there is a buffer overflow is probably caused by: 1) you don't check for malloc()'s return value (this is a security hole); 2) Fortify recognizes the pattern line = malloc(strlen(tmp)) as this is a security hole in many programs (not the intended behavior wanted by the programmer), but it is not a problem if you actually intended the variable line to hold fewer chars than tmp (rarely the case). I never used Fortify but I suppose this could help. Commented Aug 19, 2021 at 10:30
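
The sizing rule raised in the comments, as an added example that is not part of the original question or its comments: a buffer that will hold a copy of tmp needs strlen(tmp) + 1 bytes, and a length-checked copy refuses a buffer of only strlen(tmp) bytes instead of writing past it. The helper names alloc_zeroed, copy_checked and demo are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: zero-filled heap buffer of exactly sz bytes,
 * same malloc + NULL check + memset sequence as the question. */
char *alloc_zeroed(size_t sz)
{
    char *line;
    if (sz == 0)
        return NULL;
    line = malloc(sz);
    if (line)
        memset(line, 0x00, sz);
    return line;
}

/* Hypothetical helper: copy src into dst only if the string AND its NUL
 * terminator fit. Returns 0 on success, -1 if dst is too small. */
int copy_checked(char *dst, size_t dst_sz, const char *src)
{
    size_t need;
    if (dst == NULL || src == NULL || dst_sz == 0)
        return -1;
    need = strlen(src) + 1;          /* characters plus terminator */
    if (need > dst_sz) {
        dst[0] = '\0';               /* leave a valid empty string */
        return -1;
    }
    memcpy(dst, src, need);
    return 0;
}

/* Returns 1 when the strlen+1 buffer accepts the copy and the strlen-sized
 * buffer is rejected; 0 otherwise (including allocation failure). */
int demo(void)
{
    const char tmp[] = "hello world";   /* constructed sample input */
    size_t len = strlen(tmp);
    char *exact = alloc_zeroed(len + 1);
    char *one_short = alloc_zeroed(len);
    int ok = exact && one_short
          && copy_checked(exact, len + 1, tmp) == 0 && strcmp(exact, tmp) == 0
          && copy_checked(one_short, len, tmp) == -1 && one_short[0] == '\0';
    free(exact);
    free(one_short);
    return ok;
}

int main(void) { return demo() ? 0 : 1; }
```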
