Comment: Edited by sciSpider (sch jbop) (X_X)@==(Q_Q)@

...

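/* Noncompliant: verify_size() frees list on its error path, and
   process_list() then frees the same pointer again (double free). */
#include <stdlib.h>

#define MIN_SIZE_ALLOWED 32 /* assumed value; not defined on the page */

int verify_size(char *list, size_t list_size) {
  if (list_size < MIN_SIZE_ALLOWED) {
    /* Handle Error Condition */
    free(list);  /* frees memory that the caller allocated and still owns */
    return -1;
  }
  return 0;
}

void process_list(size_t number) {
  char *list = malloc(number);

  if (list == NULL) {
    /* Handle Allocation Error */
  }

  if (verify_size(list, number) == -1) {
    /* Handle Error */
  }

  /* Continue Processing list */

  free(list);  /* second free of list when verify_size() returned -1 */
}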

...

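/* Compliant: list is allocated and freed only in process_list();
   verify_size() validates the size and never frees. */
#include <stdlib.h>

#define MIN_SIZE_ALLOWED 32 /* assumed value; not defined on the page */

int verify_size(char *list, size_t list_size) {
  if (list_size < MIN_SIZE_ALLOWED) {
    /* Handle Error Condition */
    return -1;
  }
  return 0;
}

void process_list(size_t number) {
  char *list = malloc(number);

  if (list == NULL) {
    /* Handle Allocation Error */
  }

  if (verify_size(list, number) == -1) {
    /* Handle Error */
  }

  /* Continue Processing list */

  free(list);  /* the only free, at the same level as the malloc() */
}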
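
The following is an added example, not code from the original page: a small test harness that runs the page's process_list() logic with both helper shapes and counts repeated frees. The tracking functions (t_malloc, t_free, t_finish), the helper names and the value of MIN_SIZE_ALLOWED are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#define MIN_SIZE_ALLOWED 32 /* assumed value; the page leaves it undefined */
#define MAX_SLOTS 8

/* Hypothetical tracker: frees are deferred so a repeated free is only counted. */
static struct { void *p; int freed; } slots[MAX_SLOTS];
static int nslots, double_frees;

static void *t_malloc(size_t n) {
  void *p = (nslots < MAX_SLOTS) ? malloc(n) : NULL;
  if (p != NULL) { slots[nslots].p = p; slots[nslots].freed = 0; nslots++; }
  return p;
}
static void t_free(void *p) {
  for (int i = 0; i < nslots; i++)
    if (slots[i].p == p) { double_frees += slots[i].freed; slots[i].freed = 1; return; }
}
/* Really release every block, reset, and return the double frees seen. */
static int t_finish(void) {
  int n = double_frees;
  for (int i = 0; i < nslots; i++) free(slots[i].p);
  nslots = double_frees = 0;
  return n;
}

/* Noncompliant shape: the helper frees memory its caller allocated. */
static int verify_frees(char *list, size_t list_size) {
  if (list_size < MIN_SIZE_ALLOWED) { t_free(list); return -1; }
  return 0;
}
/* Compliant shape: the helper only validates; ownership stays with the caller. */
static int verify_only(char *list, size_t list_size) {
  (void)list;
  return (list_size < MIN_SIZE_ALLOWED) ? -1 : 0;
}

/* process_list() from the page, parameterised on the helper. */
int count_double_frees(int (*verify)(char *, size_t), size_t number) {
  char *list = t_malloc(number);
  if (list == NULL) return -1;
  (void)verify(list, number); /* error handler falls through, as on the page */
  t_free(list);
  return t_finish();
}
int main(void) {
  printf("%d %d\n", count_double_frees(verify_frees, 8), count_double_frees(verify_only, 8));
  return 0;
}
```

Because the tracker defers the real free() until t_finish(), the noncompliant path is observed without touching freed memory.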

...

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| MEM00-A | 3 (high) | 2 (probable) | 1 (high) | P6 | L2 |

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[ISO/IEC 9899-1999] Section 7.20.3, "Memory Management Functions"
[Seacord 05] Chapter 4, "Dynamic Memory Management"
[Plakosh 05]
[MIT Kerberos 5 Security Advisory 2004-002] http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2004-002-dblfree.txt