Export (0) Print
Expand All

C6029

warning C6029: possible buffer overrun in call to <function>: use of unchecked value

This warning indicates that a function that takes a buffer and a size is being passed a unchecked size. The data read-in from some external source has not been verified to see whether it is smaller than the buffer size. An attacker might intentionally specify a much larger than expected value for the size, which will lead to a buffer overrun.

Generally, whenever you read data from an untrusted external source, make sure to verify it for validity. It is usually appropriate to verify the size to make sure it is in the expected range.

The following code generates this warning by calling the annotated function ReadFile two times. After the first call, the Post attribute property marks the second parameter value untrusted. Therefore, passing an untrusted value in the second call to ReadFile generates this warning as shown in the following code:

#include "windows.h"
void f(char *buff, DWORD cbLen, DWORD cbRead, HANDLE hFile)
{
  if (!ReadFile (hFile, &cbLen, sizeof (cbLen), &cbRead, NULL))  
  {
    // code ...
    if (!ReadFile (hFile, buff, cbLen, &cbRead, NULL))  // warning 6029
    {
      // code ...
    }
  }
}

To correct this warning, check the buffer size as shown in the following code:

void f(char *buff, DWORD cbLen, DWORD cbRead, HANDLE hFile)
{
  if (!ReadFile (hFile, &cbLen, sizeof (cbLen), &cbRead, NULL))  
  {
    // code ...
    if (cbLen <= sizeof (buff))  // check length
    {
    // code ...  
      if (!ReadFile (hFile, buff, cbLen, &cbRead, NULL))  
      {
       // code ...
      }
    }
  }
}

Community Additions

ADD
Show:
© 2014 Microsoft