Klocwork issue in stdlib_noniso.cpp

[bbaltz505]

In cores/arduino/stdlib_noniso.cpp (line 153):

function 'sprintf' possibly accepts format string that may be influenced by user, causing format string vulnerability. Undefined string lengths can lead to buffer overflows and potential exploitation by attackers. Use a defined value for string lengths.

char *dtostrf (double val, signed char width, unsigned char prec, char *sout) {
   ...
   sprintf(sout, fmt, val);

[bbaltz505]

Hi @facchinm can you take a look at this? We do static code analysis of corelibs code with a tool called Klocwork and it flagged this potential issue in stdlib_noniso.cpp. Does this look serious enough to fix or should we ignore it? See this page for info on the defect type.

[facchinm]

Hi Brian,
as defined in AVR libc manual here, the user is responsible for providing a char buffer big enough to contain the string, so IMO the vulnerability should not be considered a threat 😄

[bbaltz505]

Thanks. I'll ignore future defects of this type.