...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#define BUFSIZE 256
void f(void) {
char *buf = (char *)malloc(BUFSIZE * sizeof(char));
char *p;
/* ... */
p = (char *)realloc(buf, 2 * BUFSIZE); /* violation */
/* ... */
} |
Exceptions
MEM34-EX1: Some library implementations accept and ignore a deallocation of non-allocated memory (or, alternatively, cause a runtime-constraint violation). If all libraries used by a project have been validated as having this behavior, then this rule can be ignored.
Risk Assessment
Freeing or reallocating memory that was not dynamically allocated can lead to arbitrary code execution if that memory is reused by malloc().
...