CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
C and C++


MISC.MEM.RPNT : Read Past Null Terminator

Summary

A call to memcmp() or bcmp() specifies a length parameter that exceeds the length of one or both memory parameters.

When READ_PAST_NTERM_CONSERVATIVE_CHECK=Yes, warnings of this class are only issued if both memory parameters are arrays having essentially char type. This behavior matches the technical definition of Misra2012:21.14.

Properties

Class Name: Read Past Null Terminator
Significance: reliability
Mnemonic: MISC.MEM.RPNT
Categories:
    MisraC2025: MisraC2025:21.14 The Standard Library function memcmp shall not be used to compare null terminated strings
    MisraC2023: MisraC2023:21.14 The Standard Library function memcmp shall not be used to compare null terminated strings
    Misra2012: Misra2012:21.14 The Standard Library function memcmp shall not be used to compare null terminated strings
    MisraC++2023: MisraC++2023:0.3.2 A function call shall not violate the function's preconditions
    CWE: CWE:1025 Comparison Using Wrong Factors
Availability: Available for C and C++.
Enabling: Checks for this warning class are enabled by default. To disable them, add the following WARNING_FILTER rule to the project configuration file.
    WARNING_FILTER += discard class="Read Past Null Terminator"

Example

#include <string.h>
#include <stdlib.h>

char buffer1[ 12 ];
char buffer2[ 12 ];

int misc_mem_rpnt_charstar ( void ){
    (void) strcpy(buffer1, "abc");
    (void) strcpy(buffer2, "abc");
    if (memcmp ((void *) buffer1,
                (void *) buffer2,
                sizeof(buffer1)) != 0) { /* 'Read Past Null Terminator' warning issued here */
        return 1;
    }
    return memcmp((void *) buffer1,
                  (void *) buffer2,
                  (unsigned int) 3);               /* ok: only comparing up to null terminator */
}

int misc_mem_rpnt_voidstar( void ){
    void * s1 = buffer1;                            /* not an array of essentially char type */
    void * s2 = buffer2;                            /* not an array of essentially char type */
    (void) strcpy(s1, "abc");
    (void) strcpy(s2, "abc");
    if (memcmp(s1,
               s2,
               sizeof(buffer1)) != 0){   /* 'Read Past Null Terminator' warning issued here
                                          * only if READ_PAST_NTERM_CONSERVATIVE_CHECK=No */
        return 1;
    }
    return 0;
}
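
The buffers in the example above have static storage and start out zeroed, so the flagged memcmp() happens to return 0 there. The following added example (not part of the CodeSonar documentation) shows the same comparison when the bytes after the terminator hold stale data; the names store_over_stale and compare_abc and the sample strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 12  /* same size as buffer1/buffer2 above */

/* Pre-fill buf with a stale byte, then store s with its terminator, so the
 * bytes after the '\0' hold leftover data instead of zeros. */
static int store_over_stale(char *buf, size_t len, char stale, const char *s)
{
    size_t n = strlen(s) + 1;
    if (n > len) {
        return -1;              /* string does not fit */
    }
    memset(buf, stale, len);
    memcpy(buf, s, n);
    return 0;
}

/* Compare two buffers that both hold "abc" (constructed sample input).
 * whole_buffer != 0: memcmp over the full buffer, the flagged pattern.
 * whole_buffer == 0: strncmp bounded by the buffer size; stops at '\0'.
 * Returns 1 if reported equal, 0 if not, -1 on setup failure. */
int compare_abc(char stale1, char stale2, int whole_buffer)
{
    char b1[BUF_LEN];
    char b2[BUF_LEN];

    if (store_over_stale(b1, sizeof b1, stale1, "abc") != 0 ||
        store_over_stale(b2, sizeof b2, stale2, "abc") != 0) {
        return -1;
    }
    if (whole_buffer) {
        return memcmp(b1, b2, sizeof b1) == 0;
    }
    return strncmp(b1, b2, sizeof b1) == 0;
}

int main(void)
{
    printf("zeroed tails, memcmp : %d\n", compare_abc('\0', '\0', 1));
    printf("stale tails,  memcmp : %d\n", compare_abc('X', 'Y', 1));
    printf("stale tails,  strncmp: %d\n", compare_abc('X', 'Y', 0));
    return 0;
}
```

With stale tails the whole-buffer memcmp() reports two identical strings as different, while the string comparison bounded by the buffer size reports them as equal.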

Relevant Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

 
