CXX.STDLIB.ILLEGAL_WRITE
The CXX.STDLIB.ILLEGAL_WRITE checker reports a defect when pointers returned by getenv(), setlocale(), localeconv(), asctime(), or strerror() are not assigned to const-qualified pointers.
Vulnerability and risk
When the program modifies objects pointed to by the pointers these functions return, the result is undefined behavior. Compilers do not report this issue because it is not a constraint violation.
Mitigation and prevention
The pointers returned by getenv(), setlocale(), localeconv(), asctime(), or strerror() should be assigned to const-qualified pointers. The compiler or analysis tool will then report an issue if the code tries to modify the object through the const-qualified pointer.
Vulnerable code example
#include <locale.h>

void f()
{
    char *s = setlocale( LC_ALL, 0 );   /* Non-compliant */
    struct lconv *t = localeconv();     /* Non-compliant */
    s[1] = 'A';                         /* Undefined Behavior */
    t->decimal_point = "^";             /* Undefined Behavior */
}
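In this example, the code does not assign the returned pointers to const-qualified pointers, so the writes through s and t compile without a diagnostic even though they result in undefined behavior.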
Fixed code example
#include <locale.h>
#include <string.h>

void f()
{
    char s [64];
    const char *t = setlocale( LC_ALL, 0 );       /* Compliant: const-qualified */
    (void) strcpy( s, t );                        /* Compliant */
    (void) strcpy( s, setlocale( LC_ALL, 0 ) );   /* Compliant */
}
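In this fixed example, the pointer returned by setlocale() is either assigned to a const-qualified pointer or passed directly to strcpy(), whose second parameter has type const char *. Any modification is then made to the local copy s, not to the object owned by the library.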
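The same rule applied to getenv(), as an added example that is not part of the original checker documentation: strtok() writes into the string it scans, so tokenizing an environment value has to happen on a private copy. The function names count_fields and count_env_fields and the sample values are assumptions made for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Count the non-empty, sep-delimited fields of value without writing
 * through value. strtok() overwrites separators with '\0', so it is only
 * ever given a private heap copy. Returns -1 if the copy cannot be made.
 * Note: strtok() keeps static state and is not reentrant. */
int count_fields(const char *value, const char *sep)
{
    size_t len = strlen(value) + 1;
    char *copy = malloc(len);
    int n = 0;

    if (copy == NULL)
        return -1;
    memcpy(copy, value, len);

    for (char *tok = strtok(copy, sep); tok != NULL; tok = strtok(NULL, sep))
        n++;

    free(copy);
    return n;
}

/* Hypothetical wrapper for this example. The getenv() result is held only
 * in a const-qualified pointer, so an accidental write such as
 * v[0] = '\0' is rejected at compile time instead of being undefined
 * behavior at run time. An unset variable counts as zero fields. */
int count_env_fields(const char *name, const char *sep)
{
    const char *v = getenv(name);

    return (v == NULL) ? 0 : count_fields(v, sep);
}

int main(void)
{
    printf("PATH has %d entries\n", count_env_fields("PATH", ":"));
    return 0;
}
```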
Related checkers
- MISRA.STDLIB.ILLEGAL_WRITE.2012_AMD1