C6204

warning C6204: possible buffer overrun in call to <function>: use of unchecked parameter <variable>

This warning indicates a call to a function that could overrun a stack buffer, depending on the values that the parameters of the function being analyzed might take. This defect might cause an exploitable buffer overrun or a crash.

It is a good idea to review the code, as well as the callers to this function, to see whether the function can ever be called with unexpected data. If it is not clear that all calls are safe, it might be appropriate to validate the input to the function by checking the length of any input strings or by annotating the function parameter using appropriate properties.

Example

The following code generates this warning because the input parameter (pCh) might contain invalid data:

#include <string.h>

void f(char *pCh)
{
  char buff[10];
  strcpy(buff, pCh);  // pCh is never checked: any string of 10 or more characters overruns buff
}

This warning can be corrected by validating the size as shown in the following code:

#include <string.h>

void f(char *pCh)
{
  char buff[10];
  // Reject strings that would not fit together with their terminating NUL.
  // The check must be ">=": a 10-character string needs 11 bytes.
  if (strlen(pCh) >= sizeof buff)
    return;
  strcpy(buff, pCh);
}

The preceding code might still fail if a bad pointer (pCh) is passed, because strlen dereferences it. To make the code more resilient, use annotations and a safe string manipulation function, as shown in the following code:

#include <string.h>
#include <codeanalysis\sourceannotations.h>

// The annotation tells the analyzer (and callers) that pCh is a non-null,
// NUL-terminated string, so the strlen call is safe.
void f([Pre(NullTerminated=SA_Yes, Null=SA_No)] char* pCh)
{
  char buff[15];
  // ">=" rather than ">": a 15-character string would need 16 bytes and
  // strcpy_s would report a runtime constraint violation.
  if (strlen(pCh) >= sizeof buff)
    return;
  strcpy_s(buff, sizeof(buff), pCh);
}
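The following added example (not part of the original article) shows the same length check as a reusable, portable helper that reports why a copy was refused, including the null-pointer case and the exact-fit case where ">" instead of ">=" would overrun the buffer by one byte. copy_checked and f_checked are hypothetical names chosen for this illustration.

```c
#include <stddef.h>
#include <string.h>

/* Outcome of a bounds-checked copy into a fixed-size buffer. */
enum copy_status { COPY_OK = 0, COPY_NULL_SRC = 1, COPY_TOO_LONG = 2 };

/* Copies src into dst, whose capacity is dst_size bytes including the
 * terminating NUL. The check is ">=" rather than ">": a string of exactly
 * dst_size characters still needs one more byte for its NUL, so it is
 * rejected. A status is returned instead of silently truncating. */
enum copy_status copy_checked(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0)
        return COPY_TOO_LONG;      /* nothing can be stored at all */
    if (src == NULL) {
        dst[0] = '\0';             /* the "bad pointer" case: never dereference it */
        return COPY_NULL_SRC;
    }
    size_t len = strlen(src);
    if (len >= dst_size)
        return COPY_TOO_LONG;      /* len + 1 bytes needed, only dst_size available */
    memcpy(dst, src, len + 1);     /* copy the NUL along with the characters */
    return COPY_OK;
}

/* Counterpart of the article's f(): a 10-byte stack buffer filled from a
 * caller-controlled parameter. The status makes the decision observable. */
enum copy_status f_checked(const char *pCh)
{
    char buff[10];
    enum copy_status st = copy_checked(buff, sizeof buff, pCh);
    if (st != COPY_OK)
        return st;                 /* refuse rather than overrun */
    /* ... buff is now a valid NUL-terminated string of at most 9 characters ... */
    return COPY_OK;
}
```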

Because the analysis tool does not consider the set of all possible callers to the function being analyzed, it is possible that the code is completely safe.

See Also

Reference

strcpy_s, wcscpy_s, _mbscpy_s

Concepts

Annotation Overview