CopyMemory() and RtlCopyMemory() will also get blacklisted

May 15, 2009 11:54 GMT  ·  By

The memcpy() C runtime function has its days numbered at Microsoft, because of its security-related notoriety. The company plans to add it to its Security Development Lifecycle (SDL) Banned Function Calls list later this year.

According to the C++ Resources Network (cplusplus.com), the memcpy() function copies num bytes from the location pointed to by source directly to the memory block pointed to by destination. The problem is that the function has no idea how large that destination block is: it copies exactly as many bytes as it is told to, so whenever the count is derived from untrusted input and never checked against the size of the destination, the result is a buffer overflow. This one function has been behind a large number of security updates from Microsoft and other vendors over the years.

"Because we have seen many security vulnerabilities in products from Microsoft and many others, including ISVs and competitors, and because we have a viable replacement, I am 'proud' to announce that we intend to add memcpy() to the SDL C and C++ banned API list later this year as we make further revisions to the SDL," a recent article on the Security Development Lifecycle blog announces.

The referenced replacement is the memcpy_s() function, which has shipped with Microsoft's Visual C++ C runtime for quite a while now. It is a library function rather than a compiler feature, and it is not part of standard C: it is specified only as an optional interface in ISO/IEC TR 24731-1, and the GNU C library used by most Linux distributions does not provide it, so code that must build with GCC against glibc needs its own bounds-checked wrapper. The two functions are otherwise quite similar and, as it turns out, it should be easy for developers to update their code from memcpy() to memcpy_s(). The differences are that memcpy_s() takes an extra parameter, the size of the destination buffer (typically sizeof(dst)), placed right after the destination pointer, and that it returns an error code rather than a pointer when the requested count does not fit.

Microsoft has been well aware of the security problems raised by memcpy() for a long time, which is why the function is already included on the SDL recommended banned list. Its move to the SDL banned API requirement list, however, will effectively force developers who create applications for the Windows platform to stop using it if they want to remain SDL-compliant.

Programmers should be aware, though, that memcpy_s() is not foolproof: it cannot protect against a developer who passes it the wrong size. "You can easily make a call to memcpy_s() insecure by getting the buffer sizes wrong. The following code is no better than memcpy(): memcpy_s(dst, len, src, len);" Microsoft warns.
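The three situations described above (a memcpy() whose length comes from the input, the same copy bounded by memcpy_s() with the real destination size, and the memcpy_s(dst, len, src, len) misuse) can be seen side by side in the following added example. It is not code from the original article or from Microsoft's CRT: because glibc does not ship memcpy_s(), the block carries a small stand-in, my_memcpy_s(), written here with the same parameter order and the documented contract (count larger than destsz is an error and the destination is zeroed); on Visual C++ you would call memcpy_s() directly. The record layout, the field names and the constructed 20-byte "name" are all assumptions made for the demonstration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16

/* Hypothetical fixed-layout record: a 16-byte name immediately followed by a
 * 4-byte privilege flag.  The layout is spelled out as one byte array so the
 * over-long copy below stays inside a single object (well-defined C) while
 * still showing the flag that sits right after the name being clobbered. */
struct record {
    unsigned char mem[NAME_LEN + sizeof(uint32_t)];
};

static uint32_t record_is_admin(const struct record *r)
{
    uint32_t flag;
    memcpy(&flag, r->mem + NAME_LEN, sizeof flag);
    return flag;
}

/* Portable stand-in for memcpy_s() (assumed name; not Microsoft's CRT code).
 * Same parameter order: dest, destsz, src, count.  A count larger than destsz
 * or a null pointer is refused, and the destination is zeroed so that no
 * partially written data is left behind. */
static int my_memcpy_s(void *dest, size_t destsz, const void *src, size_t count)
{
    if (dest == NULL)
        return EINVAL;
    if (src == NULL || count > destsz) {
        memset(dest, 0, destsz);
        return src == NULL ? EINVAL : ERANGE;
    }
    memcpy(dest, src, count);
    return 0;
}

/* BEFORE: the length comes from the message; the destination size is never
 * consulted, so len > NAME_LEN runs straight over the privilege flag. */
static uint32_t set_name_memcpy(struct record *r, const unsigned char *name, size_t len)
{
    memcpy(r->mem, name, len);
    return record_is_admin(r);
}

/* AFTER: memcpy_s-style call bounded by the real size of the name field. */
static int set_name_memcpy_s(struct record *r, const unsigned char *name, size_t len)
{
    return my_memcpy_s(r->mem, NAME_LEN, name, len);
}

/* MISUSE: the input length passed as both destsz and count.  The bounds check
 * always passes, so this is no better than the plain memcpy() above. */
static uint32_t set_name_memcpy_s_wrong(struct record *r, const unsigned char *name, size_t len)
{
    (void)my_memcpy_s(r->mem, len, name, len);
    return record_is_admin(r);
}

/* Constructed input: 16 bytes of name followed by four bytes that land on the
 * flag and turn it non-zero. */
static const unsigned char EVIL_NAME[20] = "AAAAAAAAAAAAAAAA\x01\x00\x00\x00";

int main(void)
{
    struct record r;
    int rc;

    memset(&r, 0, sizeof r);
    printf("memcpy():                 is_admin = %u\n",
           set_name_memcpy(&r, EVIL_NAME, sizeof EVIL_NAME));

    memset(&r, 0, sizeof r);
    rc = set_name_memcpy_s(&r, EVIL_NAME, sizeof EVIL_NAME);
    printf("memcpy_s(dst, 16, ...):   rc = %d (%s), is_admin = %u\n",
           rc, rc == ERANGE ? "ERANGE" : "ok", record_is_admin(&r));

    memset(&r, 0, sizeof r);
    printf("memcpy_s(dst, len, ...):  is_admin = %u\n",
           set_name_memcpy_s_wrong(&r, EVIL_NAME, sizeof EVIL_NAME));
    return 0;
}
```

The only version that keeps the flag at zero is the one whose destsz argument is the compile-time size of the field being written; passing the attacker-supplied len in that slot restores the original bug with an extra argument.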

Furthermore, memcpy() is not the only function slated for removal in the upcoming SDL revision. CopyMemory() and RtlCopyMemory() will also join the already banned strcpy(), strcat(), strncpy(), strncat(), gets() "and their foul brethren."