Copy of overlapping memory

Source and destination arguments of a copy function have overlapping memory

Description

This defect occurs when there is a memory overlap between the source and destination argument of a copy function such as memcpy or strcpy. For instance, the source and destination arguments of strcpy are pointers to different elements in the same string.

Risk

If there is memory overlap between the source and destination arguments of copy functions, according to C standards, the behavior is undefined.

Fix

Determine if the memory overlap is what you want. If so, find an alternative function. For instance:

If you are using memcpy to copy values from one memory location to another, use memmove instead of memcpy.
If you are using strcpy to copy one string to another, use memmove instead of strcpy, as follows:
```
s = strlen(source);
memmove(destination, source, s + 1);
```
strlen determines the string length without the null terminator. Therefore, you must move s+1 bytes instead of s bytes.

Examples

expand all

Overlapping Copy

#include <string.h>

char str[] = {"ABCDEFGH"};

void my_copy() {
    strcpy(&str[0],(const char*)&str[2]);
}

In this example, because the source and destination argument are pointers to the same string str, there is memory overlap between their allowed buffers.

Result Information

Group: Programming

Language: C | C++

Default: Off

Command-Line Syntax: OVERLAPPING_COPY

Impact: Medium

Version History

Introduced in R2015b