...
One method to decrease memory usage in critical situations when all available memory has been exhausted is to use the realloc() function to halve the size of message strings. The standard realloc() function has no concept of null-terminated byte strings. As a result, if realloc() is called to decrease the memory allocated for a null-terminated byte string, the null-termination character may be truncated.
This noncompliant code example fails to ensure that cur_msg is properly null-terminated:
...
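The following is an added example, not code from the original page. It contrasts a bare realloc() shrink with one that re-terminates the string afterwards. The names shrink_msg, is_terminated, make_msg and the two demo functions are hypothetical, and the 16-byte message is constructed sample data.

```c
#include <stdlib.h>
#include <string.h>

/* Bounded check: does a NUL occur within the first size bytes of buf? */
int is_terminated(const char *buf, size_t size) {
    return buf != NULL && memchr(buf, '\0', size) != NULL;
}

/* Hypothetical helper: halve the buffer and keep it a valid C string.
 * Returns 0 on success; on failure returns -1 and leaves *msg unchanged. */
int shrink_msg(char **msg, size_t *size) {
    if (msg == NULL || *msg == NULL || size == NULL || *size < 2) return -1;
    size_t new_size = *size / 2 + 1;        /* never larger than *size */
    char *tmp = realloc(*msg, new_size);
    if (tmp == NULL) return -1;             /* old block is still valid */
    tmp[new_size - 1] = '\0';               /* realloc() will not do this */
    *msg = tmp;
    *size = new_size;
    return 0;
}

/* Constructed sample: size-1 'A' characters followed by a NUL. */
static char *make_msg(size_t size) {
    char *m = malloc(size);
    if (m != NULL) { memset(m, 'A', size - 1); m[size - 1] = '\0'; }
    return m;
}

/* Bare realloc(): 1 if the result is terminated, 0 if not, -1 on failure. */
int demo_bare_realloc(void) {
    size_t new_size = 16 / 2 + 1;
    char *m = make_msg(16);
    if (m == NULL) return -1;
    char *tmp = realloc(m, new_size);
    if (tmp == NULL) { free(m); return -1; }
    int ok = is_terminated(tmp, new_size);  /* bounded; strlen() would overread */
    free(tmp);
    return ok;
}

/* shrink_msg(): string length after shrinking, or -1 on failure. */
long demo_shrink_msg(void) {
    size_t size = 16;
    char *m = make_msg(size);
    if (m == NULL) return -1;
    if (shrink_msg(&m, &size) != 0) { free(m); return -1; }
    long len = is_terminated(m, size) ? (long)strlen(m) : -1;
    free(m);
    return len;
}
```

The bounded memchr() check is what makes the unterminated case observable without reading past the end of the allocation.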
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...