PREfast Warning 207 (Windows CE 5.0)
207 - Buffer overrun in call to evil function <function>.
This warning indicates that a buffer is being passed into a function that provides no way of controlling how many bytes are copied into a buffer (such as gets or _getws).
This defect can result in a memory corruption or program crash, although in some cases it can result in an exploitable security hole.
When making changes, be sure the code behaves correctly in the case of very long data.
It is possible to fix the buffer overrun and stop the PREfast warning but have code that still behaves incorrectly.
A useful technique for helping to address the problem is to use a function that includes the buffer size (such as fgets or _fgetws) instead. Handle the case where the length of the data exceeds the buffer size. In some cases, more significant changes are required.
If PREfast can determine that the buffer being passed in is a stack buffer (in which case it is more likely to result in an exploitable security hole), warning 205 is reported instead.
Example
Defective Source
static char buff[_MAX_PATH];
if (! gets(buff)) // Does not account for if something longer than
{;} // MAX_PATH is provided as input.
Corrected Source
static char buff[_MAX_PATH];
if (! fgets(buff, sizeof buff, stdin))
{;}
Send Feedback on this topic to the authors