You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Use of the `strlen` function to determine the length of a string can lead to a buffer overrun vulnerability.
* Use secure versions such as `strlen_s` or `strnlen` to help prevent buffer overruns.
## Details
The `strlen` function counts characters until the null terminator is encountered.
When a string is missing the null terminator, the resulting value returned is larger than the string.
Code that relies on the result of `strlen` can suffer from a buffer overrun vulnerability.
## Severity Considerations
In the worst case, a buffer overrun vulnerability can provide an attacker the ability to execute arbitrary code leading to complete system compromise.
## Solution
Use secure versions such as `strlen_s` or `strnlen` to help prevent buffer overruns. See [Microsoft C Runtime Reference: strnlen](https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/strnlen-strnlen-s) for more information.
*[Microsoft C Runtime Reference: strlen](https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/strlen-wcslen-mbslen-mbslen-l-mbstrlen-mbstrlen-l)
*[Microsoft C Runtime Reference: strnlen](https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/strnlen-strnlen-s)
