JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
C and C++

LANG.MEM.TBA : 汚染されたバッファアクセス

要旨

バッファの読み込みもしくは書き込み箇所が汚染された可能性のある値によって決定されているため、バッファ外にアクセスする可能性があります。

このクラスはバッファオーバーラン, バッファアンダーラン, 型オーバーラン および 型アンダーラン と類似しており、検出されたワーニングが重複する場合もありますが、一般的には異なるものです。

プロパティ

クラス名 Tainted Buffer Access
日本語クラス名 汚染されたバッファアクセス
クラス分類 セキュリティ (security)
ニーモニック LANG.MEM.TBA
カテゴリー
MisraC2025 MisraC2025:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  MisraC2025:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
MisraC2023 MisraC2023:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  MisraC2023:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
Misra2012 Misra2012:18.1 A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
  Misra2012:18.2 Subtraction between pointers shall only be applied to pointers that address elements of the same array
Misra2004 Misra2004:17.1 Pointer arithmetic shall only be applied to pointers that address an array or array element
  Misra2004:17.2 Pointer subtraction shall only be applied to pointers that address elements of the same array
AUTOSARC++14 AUTOSARC++14:M5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
  AUTOSARC++14:A27-0-1 Inputs from independent components shall be validated.
MisraC++2008 MisraC++2008:5-0-16 A pointer operand and any pointer resulting from pointer arithmetic using that operand shall both address elements of the same array.
MisraC++2023 MisraC++2023:0.3.2 A function call shall not violate the function's preconditions
CWE CWE:20 Improper Input Validation
  CWE:119 Improper Restriction of Operations within the Bounds of a Memory Buffer
TS17961 TS17961:5.14-nullref Dereferencing an out-of-domain pointer
  TS17961:5.45-taintsink Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink
CERT-C CERT-C:ARR30-C Do not form or use out-of-bounds pointers or array subscripts
  CERT-C:ARR37-C Do not add or subtract an integer to a pointer to a non-array object
  CERT-C:ARR39-C Do not add or subtract a scaled integer to a pointer
  CERT-C:EXP08-C Ensure pointer arithmetic is used correctly
  CERT-C:INT04-C Enforce limits on integer values originating from tainted sources
  CERT-C:INT31-C Ensure that integer conversions do not result in lost or misinterpreted data
  CERT-C:MEM35-C Allocate sufficient memory for an object
  CERT-C:POS30-C Use the readlink() function properly
  CERT-C:STR38-C Do not confuse narrow and wide character strings and functions
CERT-CPP CERT-CPP:CTR50-CPP Guarantee that container indices and iterators are within the valid range
  CERT-CPP:CTR52-CPP Guarantee that library functions do not overflow
JSF++ JSF++:211 Algorithms shall not assume that shorts, ints, longs, floats, doubles or long doubles begin at particular addresses.
DISA-6r1 DISA-6r1:V-222606 The application must validate all input.
  DISA-6r1:V-222609 The application must not be subject to input handling vulnerabilities.
  DISA-6r1:V-222612 The application must not be vulnerable to overflow attacks.
DISA-5r3 DISA-5r3:V-70265 The application must validate all input.
  DISA-5r3:V-70271 The application must not be subject to input handling vulnerabilities.
  DISA-5r3:V-70277 The application must not be vulnerable to overflow attacks.
DISA-4r3 DISA-4r3:V-70265 The application must validate all input.
  DISA-4r3:V-70271 The application must not be subject to input handling vulnerabilities.
  DISA-4r3:V-70277 The application must not be vulnerable to overflow attacks.
DISA-3r10 DISA-3r10:V-6164 The designer will ensure the application validates all input.
  DISA-3r10:V-6165 The designer will ensure the application does not have buffer overflows, use functions known to be vulnerable to buffer overflows, and does not use signed values for memory allocation where permitted by the programming language.
OWASP-2017 OWASP-2017:A1 Injection
  OWASP-2017:A8 Insecure deserialization
OWASP-2021 OWASP-2021:A3 Injection
  OWASP-2021:A8 Software and data integrity failures
OWASP-2025 OWASP-2025:A05 Injection
対応言語 C および C++ で利用可能です。
有効/無効設定 このワーニングクラスのチェックはデフォルトで有効になっています。チェックを無効にするにはプロジェクト設定ファイル (configuration file)に以下の WARNING_FILTER ルールを追加してください。 
WARNING_FILTER += discard class="Tainted Buffer Access"


#include <stdio.h>

void tainted_buffer_access(void){
    int c;
    char buf[10];

    c = getchar();
    if (c == EOF) {return;}
    buf[c*c] = 'a';  /* 'Tainted Buffer Access' warning issued here */ 
}

関連のある設定ファイルパラメータ

設定ファイルの以下のパラメータがこのワーニングクラスのチェックに影響します。

 

To report problems with this documentation, please visit https://support.codesecure.com/.