...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdlib.h>
struct flex_array_struct {
size_t num;
int data[];
};
void func(void) {
struct flex_array_struct *flex_struct;
size_t array_size = 4;
/* Dynamically allocate memory for the struct */
flex_struct = (struct flex_array_struct *)malloc(
sizeof(struct flex_array_struct)
+ sizeof(int) * array_size);
if (flex_sructstruct == NULL) {
/* Handle error */
}
/* Initialize structure */
flex_struct->num = array_size;
for (size_t i = 0; i < array_size; ++i) {
flex_struct->data[i] = 0;
}
} |
...
Failure to use structures with flexible array members correctly can result in undefined behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MEM33-C | Low | Unlikely | Low | P3 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||
|---|---|---|---|---|---|---|---|
| Astrée |
|
| Supported, but no explicit checker | ||||
| Compass/ROSE |
Can detect all of these | |||||||||
| LDRA tool suite |
| 649 S, 650 S | Fully implemented | ||||||
| PRQA QA-C | 9.1 | 1061, 1062, 1063, 1064 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| CERT C Secure Coding Standard | DCL38-C. Use the correct syntax when declaring a flexible array member | Prior to 2018-01-12: CERT: Unspecified Relationship |
CERT-CWE Mapping Notes
Key here for mapping notes
...
There is no longer a C++ rule for MEM33-CPP. (In fact, all C++ rules from 30-50 are gone, because we changed the numbering system to be 50-99 for C++ rules.)
Bibliography
| [ISO/IEC 9899:2011] | Subclause 6.7.2.1, "Structure and Union Specifiers" |
| [JTC1/SC22/WG14 N791] | Solving the Struct Hack Problem |
...
...