Use of Potentially Dangerous Function
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-676: Use of Potentially Dangerous Function |
| Confidence Level | Low |
| Impact Level | High |
| Likelihood Level | Low |
Description#
Using ‘strcpy’ or ‘strncpy’ to copy strings can lead to buffer overflows because ‘strcpy’ doesn’t check the destination size, and ‘strncpy’ may leave strings unterminated. This makes your code vulnerable to memory corruption and unexpected behavior.
Impact#
If exploited, attackers could crash your program or execute malicious code by overflowing buffers, leading to data breaches, system compromise, or denial of service. This can put sensitive data and system integrity at serious risk.