SW500005 Microchip Technology, SW500005 Datasheet - Page 3

SW500005

Manufacturer Part Number

SW500005

Description

PICC STD

Manufacturer

Microchip Technology

Type

Compilerr

Series

PIC10/12/16r

Datasheets

1.SW500005.pdf (4 pages)

2.SW500012.pdf (6 pages)

Specifications of SW500005

Supported Families

PIC10, PIC12, PIC16

Core Architecture

PIC

Software Edition

Standard

Kit Contents

Software And Docs

Mcu Supported Families

PIC10/12/16

Tool Type

Compiler

Lead Free Status / RoHS Status

Not applicable / RoHS Compliant

For Use With/related Products

PIC10, PIC12, PIC14, PIC16, PIC17

Lead Free Status / Rohs Status

Lead free / RoHS Compliant

Other names

019
778-1000
778-1000

Current page: 3 of 4
Download datasheet (332Kb)

Tech Tip:

A Spotter’s Guide

The phrase "buffer overflow"

people who write programs which exhibit these mythical beasts are even unaware of what they are or why

they are a problem.

#include <string.h>

main() {

/* assume precious==7

}

A word of warning: do not assume

version of

functions in the Standard Library, it will not necessarily give you back a NUL-terminated string even if

you give it one to work with. If its source is a long but valid string, and its destination is a shorter buffer, it

will fill the buffer with characters from the string but it will NOT terminate that buffer with a '\0'.

The line with

wherever

before a newline;

buffer[4]

though, that

There are many more possible ways to overflow a

meant to go. Sometimes the effect might not be noticeable, but you can never be sure. And while the

humble string or character array is the most common target, buffer overflows are not type-bigots - they

will strike anything they can touch.

To Slay the Monster

When hunting them, the first thing to look for is functions which write into arrays without any way of

knowing the amount of space available.

If you get to define the function, you can pass a length parameter in or ensure that every array you ever

pass to it is at least as big as the hard-coded maximum amount it will write.

If you are using a function someone else (say, the compiler vendor) has provided then avoiding

functions like

arrays they can never know the size of, is a good start.

Make sure that functions like the

them - store a '\0' in the last element of each array involved just before you call the function, if

necessary.

Good hunting

#include <string.h>

main() {

}

const char greet[] =

char buffer[5];

char precious = 7;

strcpy(buffer,

const char greet[5] = "hello";

char buffer[6];

strcpy(buffer, greet);

memcpy(buffer, greet,

char precious = 7;

gets()

. The line with

strcpy()

fgets()

greet);

sizeof buffer);

gets()

"hello";

gets()

is getting its input from) enters at most 4 characters

Beware the Buffer Overflow

, and has its own set of fangs. Most significantly, unlike all the other

, which take some amount of data over which you have no control and stuff it into

does not eat the '\n' like

might not be a buffer overflow, if the user (or

fgets()

cannot tell that it is not allowed to write past

Here's a buffer overflow. The constant array named

contains 6 characters, which

there is only room for 5. What will probably happen is that the last

character (the invisible '\0' that terminates the string "hello") will be copied

into the space formerly known as

precious

can never overflow its buffer. Note,

str...()

strncpy()

is almost making it into the mainstream press these days, but many

Now we've fixed the first problem by making

to hold all of

is smaller. "How?" you ask. By making

that is not a string, i.e. a char array that has no terminating '\0'.

The

copying until it finds a zero byte, if that ever happens.

The

still does (possibly unquantifiable) Bad Things, as it tries to copy

from one byte past the end of

contains the 7 we put into it will be violated.

memcpy()

strcpy()

family which expect NUL-terminated strings actually get

gets()

will save you: it is, unfortunately, not simply a bounded

buffer

greet

is better, because it is guaranteed to stop, but it

now will not know where to stop, and will keep

does.

, the

, writing data in all sorts of places it was never

strcpy()

precious

greet

tries to copy into

is then broken because

, and the assumption that

#include <stdio.h>

main() {

}

greet

char buffer[5];

gets(buffer);

fgets(buffer, sizeof

buffer

into a char array

greet

buffer, stdin);

buffer

big enough

str...()

actually

where

greet

Page 3

SW500005 Microchip Technology, SW500005 Datasheet - Page 3

SW500005

Specifications of SW500005

Related parts for SW500005