JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
C and C++

LANG.MEM.TO : Type Overrun

Summary

Code overruns an array field boundary within an object of aggregate type.

There is some overlap between Type Overrun warnings and Tainted Buffer Access warnings, but the two are generally incomparable.

Properties

Class Name Type Overrun
Significance security
Mnemonic LANG.MEM.TO
Categories
MisraC2025 MisraC2025:1.3 There shall be no occurrence of undefined or critical unspecified behaviour
  MisraC2025:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  MisraC2025:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
  MisraC2025:21.17 Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters
  MisraC2025:D.4.1 Run-time failures shall be minimized
MisraC2023 MisraC2023:1.3 There shall be no occurrence of undefined or critical unspecified behaviour
  MisraC2023:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  MisraC2023:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
  MisraC2023:21.17 Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters
  MisraC2023:D.4.1 Run-time failures shall be minimized
Misra2012 Misra2012:1.3 There shall be no occurrence of undefined or critical unspecified behaviour
  Misra2012:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  Misra2012:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
  Misra2012:21.17 Use of the string handling functions from <string.h> shall not result in accesses beyond the bounds of the objects referenced by their pointer parameters
  Misra2012:D.4.1 Run-time failures shall be minimized
Misra2004 Misra2004:17.1 Pointer arithmetic shall only be applied to pointers that address an array or array element
  Misra2004:17.2 Pointer subtraction shall only be applied to pointers that address elements of the same array
AUTOSARC++14 AUTOSARC++14:M5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
  AUTOSARC++14:A5-2-5 An array or container shall not be accessed beyond its range.
MisraC++2008 MisraC++2008:5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
MisraC++2023 MisraC++2023:0.3.2 A function call shall not violate the function's preconditions
CWE CWE:119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CERT-C CERT-C:ARR30-C Do not form or use out-of-bounds pointers or array subscripts
  CERT-C:ARR37-C Do not add or subtract an integer to a pointer to a non-array object
  CERT-C:ARR39-C Do not add or subtract a scaled integer to a pointer
  CERT-C:ENV01-C Do not make assumptions about the size of an environment variable
  CERT-C:EXP08-C Ensure pointer arithmetic is used correctly
  CERT-C:MEM35-C Allocate sufficient memory for an object
  CERT-C:STR31-C Guarantee that storage for strings has sufficient space for character data and the null terminator
CERT-CPP CERT-CPP:CTR50-CPP Guarantee that container indices and iterators are within the valid range
  CERT-CPP:STR50-CPP Guarantee that storage for strings has sufficient space for character data and the null terminator
JSF++ JSF++:211 Algorithms shall not assume that shorts, ints, longs, floats, doubles or long doubles begin at particular addresses.
OWASP-2017 OWASP-2017:A8 Insecure deserialization
OWASP-2021 OWASP-2021:A8 Software and data integrity failures
Availability Available for C and C++.
Enabling Checks for this warning class are enabled by default. To disable them, add the following WARNING_FILTER rule to the project configuration file. 
WARNING_FILTER += discard class="Type Overrun"

Could Indicate

CWE:843 Access of Resource Using Incompatible Type ('Type Confusion')

Example 

struct {
    int ssn;
    char name[20];
    int grades[50];
} record;

void lang_mem_to(char c){
  record.name[20] = c;    /* 'Type Overrun' warning issued here */
}

Relevant Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

 

To report problems with this documentation, please visit https://support.codesecure.com/.