insecure-use-strcat-fn
function-use-after-free
random-fd-exhaustion
insecure-use-gets-fn
insecure-use-scanf-fn
double-free
insecure-use-strtok-fn
info-leak-on-non-formated-string
insecure-use-memset
While memset() is commonly used for this purpose, it can leave sensitive information behind due to compiler optimizations or other factors. To avoid this potential vulnerability, it’s recommended to use the memset_s() function instead. memset_s() is a standardized function that securely overwrites the memory with a specified value, making it more difficult for an attacker to recover any sensitive data that was stored in the buffer. By using memset_s() instead of memset(), you can help to ensure that your application is more secure and less vulnerable to exploits that rely on residual data in memory.
insecure-use-string-copy-fn
use-after-free
insecure-use-printf-fn