C & C++

Made by DeepSource

Potential buffer overrun CXX-S1005

Security
Major

When a program writes data to a buffer, it can overrun the buffer's boundary and overwrite adjacent memory. Depending on what lies there, this either crashes the process (if the memory region is not writable by the process) or, in the worst case, creates a vulnerability that lets untrusted user input, including attacker-supplied code, overwrite parts of memory.

A missing bounds check before writing to a buffer, or a call to a buffer-manipulation function that takes no buffer-size argument, is a likely bug hotspot. If the usage is intentional, ignore the issue in the panel or use the skipcq flag.

Bad practice

char dest[32] = {};
const char* src = "this is probably a longer string that you expected to see?";
/* strcpy takes no size argument: it copies until src's terminator and
   writes past the 32-byte dest (flagged behaviour, kept for illustration). */
strcpy(dest, src);

Recommended

char dest[32] = {};
const char* src = "this is probably a longer string that you expected to see?";
/* Copy at most sizeof(dest) - 1 bytes and terminate explicitly: strncpy
   does not write a '\0' when src is at least as long as the limit. */
strncpy(dest, src, sizeof(dest) - 1);
dest[sizeof(dest) - 1] = '\0';
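As an added example (not code from the DeepSource rule page), the following C program puts the flagged pattern next to a bounded copy that passes review: a helper `safe_strcpy` that takes the destination size, never writes past it and always NUL-terminates, plus two small checks showing that `strncpy(dest, src, sizeof(dest))` leaves an unterminated buffer when the source is long, while reserving one byte and terminating explicitly does not. The helper name, the 8-byte buffers and the source string are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/*
 * Added example, not part of the DeepSource rule page: a bounded copy helper
 * that always NUL-terminates, next to a demonstration of why the bare
 * strncpy(dest, src, sizeof(dest)) form is not a complete fix.
 */

/* Copy src into dst, writing at most dst_size bytes including the terminator.
 * Returns 0 when src fit, 1 when it was truncated, -1 on invalid arguments. */
int safe_strcpy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;

    size_t i = 0;
    /* Stop one byte early so there is always room for '\0'. */
    while (i < dst_size - 1 && src[i] != '\0') {
        dst[i] = src[i];
        i++;
    }
    dst[i] = '\0';
    return src[i] != '\0' ? 1 : 0;
}

/* Returns 1 if buf holds a NUL terminator within its size, 0 otherwise. */
static int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* Source string constructed for this example (longer than the 8-byte buffers). */
static const char *long_src =
    "this is probably a longer string that you expected to see?";

/* strncpy with the full buffer size: when src is at least that long, no
 * terminator is written and any later strlen/printf reads past the end. */
int strncpy_full_size_terminates(const char *src)
{
    char dest[8];
    memset(dest, 'X', sizeof(dest));     /* make a missing terminator visible */
    strncpy(dest, src, sizeof(dest));
    return is_terminated(dest, sizeof(dest));
}

/* The corrected pattern: leave one byte spare and terminate explicitly. */
int strncpy_reserved_byte_terminates(const char *src)
{
    char dest[8];
    memset(dest, 'X', sizeof(dest));
    strncpy(dest, src, sizeof(dest) - 1);
    dest[sizeof(dest) - 1] = '\0';
    return is_terminated(dest, sizeof(dest));
}

int main(void)
{
    char dest[32];
    int rc = safe_strcpy(dest, sizeof(dest), long_src);
    printf("rc=%d (1 means truncated), dest=\"%s\"\n", rc, dest);
    printf("strncpy(full size) terminated:   %d\n",
           strncpy_full_size_terminates(long_src));
    printf("strncpy(size-1) + '\\0' terminated: %d\n",
           strncpy_reserved_byte_terminates(long_src));
    return 0;
}
```

The helper returns a truncation indicator rather than silently dropping data, so callers can reject over-long input instead of proceeding with a clipped value; that is the check a bounds-aware review looks for where the page's `strcpy` had none.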