Page History

Dynamic memory managers are not required to clear freed memory and generally do not because of the additional runtime overhead.  Furthermore, dynamic memory managers are free to reallocate this same memory.  As a result, it is possible to accidently leak sensitive information if it is not cleared before calling a function that frees dynamic memory.  Programmers cannot rely on memory being cleared during allocation either \[[MEM33-C|MEM33-C. Do not assume memory allocation routines initialize memory]\].

The {{calloc()}} function ensures that the newly allocated memory has also been cleared. Because {{sizeof(char)}} is guaranteed to be 1, this solution does not need to check for a numeric overflow as a result of using {{calloc()}} \[[MEM37-C | MEM37-C. Ensure that size arguments to calloc() do not result in an integer overflow]\].

A test is added at the beginning of this code to make sure that the integer multiplication does not result in an integer overflow \[[INT32-C|INT32-C. Ensure that integer operations do not result in an overflow]\].

The {{calloc()}} function ensures that the newly allocated memory has also been cleared. Because {{sizeof(char)}} is guaranteed to be 1, this solution does not need to check for a numeric overflow as a result of using {{calloc()}} \[[MEM37-C | MEM37-C. Ensure that size arguments to calloc() do not result in an integer overflow]\].

\[[Graff 03|AA. C References#Graf 03]\] 
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.20.3, "Memory management functions"
\[[NIST 06b|AA. C References#NIST 06b]\]