diff --git a/docs/c-runtime-library/reference/ctime-s-ctime32-s-ctime64-s-wctime-s-wctime32-s-wctime64-s.md b/docs/c-runtime-library/reference/ctime-s-ctime32-s-ctime64-s-wctime-s-wctime32-s-wctime64-s.md index ff9fcbd2f58..efbd48aaa0d 100644 --- a/docs/c-runtime-library/reference/ctime-s-ctime32-s-ctime64-s-wctime-s-wctime32-s-wctime64-s.md +++ b/docs/c-runtime-library/reference/ctime-s-ctime32-s-ctime64-s-wctime-s-wctime32-s-wctime64-s.md @@ -109,7 +109,7 @@ Zero if successful. If there's a failure due to an invalid parameter, the invali The **`ctime_s`** function converts a time value stored as a [`time_t`](../standard-types.md) structure into a character string. The *`sourceTime`* value is typically obtained from a call to [`time`](time-time32-time64.md), which returns the number of seconds elapsed since midnight (00:00:00), January 1, 1970, coordinated universal time (UTC). The return value string contains exactly 26 characters and has the form: -`Wed Jan 02 02:03:55 1980\n\0` +`Wed Jan 2 02:03:55 1980\n\0` A 24-hour clock is used. All fields have a constant width. The new line character ('\n') and the null character ('\0') occupy the last two positions of the string. diff --git a/docs/code-quality/c26459.md b/docs/code-quality/c26459.md new file mode 100644 index 00000000000..0bd58559214 --- /dev/null +++ b/docs/code-quality/c26459.md @@ -0,0 +1,43 @@ +--- +description: "Learn more about: Warning C26459" +title: Warning C26459 +ms.date: 4/10/2024 +f1_keywords: ["C26459", "NO_RAW_POINTER_IN_STL_RANGE_CHECKED"] +helpviewer_keywords: ["C26459"] +--- +# Warning C26459 + +> You called an STL function '%function%' with a raw pointer parameter at position '%position%' that may be unsafe - this relies on the caller to check that the passed values are correct. Consider wrapping your range in a gsl::span and pass as a span iterator (stl.1) + +## Remarks + +Out of bound writes are one of the leading causes of remote code execution vulnerabilities. One remedy is to use bounds checked data structures like `gsl::span`. This warning identifies cases where Standard Template Library (STL) algorithms operate on raw pointers as output ranges. Raw pointers aren't bounds checked. To prevent vulnerabilities, use `gsl::span` instead. + +Code analysis name: `NO_RAW_POINTER_IN_STL_RANGE_CHECKED` + +## Example + +The following code demonstrates undefined behavior because there isn't any bounds checking and `copy_if` writes beyond the provided storage. + +```cpp +void f() +{ + std::vector myints = { 10, 20, 30, 40, 50, 60, 70 }; + int mydestinationArr[7] = { 10, 20, 80 }; + + std::copy_if(myints.begin(), myints.end(), mydestinationArr, [](int i) { return !(i<0); }); // Warning: C26459 +} +``` + +To fix the warning, use `gsl::span` to make sure the output range is bounds checked: + +```cpp +void f() +{ + std::vector myints = { 10, 20, 30, 40, 50, 60, 70 }; + int mydestinationArr[7] = { 10, 20, 80 }; + gsl::span mySpan{mydestinationArr}; + + std::copy_if(myints.begin(), myints.end(), mySpan.begin(), [](int i) { return !(i<0); }); // No warning +} +``` \ No newline at end of file diff --git a/docs/code-quality/toc.yml b/docs/code-quality/toc.yml index 2a5f36d499f..049d6ad6229 100644 --- a/docs/code-quality/toc.yml +++ b/docs/code-quality/toc.yml @@ -142,6 +142,8 @@ items: href: ../code-quality/c26456.md - name: Warning C26457 href: ../code-quality/c26457.md + - name: Warning C26459 + href: ../code-quality/c26459.md - name: Warning C26460 href: ../code-quality/c26460.md - name: Warning C26461