...

size_t size = strlen(input_str) + 1;
str = (char *)malloc(size);
/* str may be NULL here: the return value of malloc() is not checked */
memcpy(str, input_str, size);
/* ... */
free(str);
str = NULL;

In accordance with rule MEM35-C (Allocate sufficient memory for an object), the argument supplied to malloc() is checked to ensure a numeric overflow does not occur. In most cases it is preferable to check that this value does not exceed some maximum allocation size, which is typically much smaller than SIZE_MAX.

Compliant Solution

To correct this error, ensure the pointer returned by malloc() is not NULL. This also ensures compliance with MEM32-C (Detect and handle memory allocation errors).
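The following is an added example, not the page's own compliant code: it checks the pointer returned by malloc() before use and also bounds the request by a maximum allocation size, as suggested above. The names `dup_checked` and `MAX_ALLOC`, and the 4096-byte limit, are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Assumed policy limit for this example; choose one that fits the application. */
#define MAX_ALLOC ((size_t)4096)

/*
 * Hypothetical helper: copy input_str into freshly allocated memory.
 * Returns NULL if input_str is NULL, if the required size exceeds
 * MAX_ALLOC, or if malloc() fails. The caller frees the result.
 */
char *dup_checked(const char *input_str) {
    if (input_str == NULL) {
        return NULL;
    }
    size_t len = strlen(input_str);
    /* Bound the length before adding 1, so len + 1 cannot wrap. */
    if (len >= MAX_ALLOC) {
        return NULL;
    }
    size_t size = len + 1;
    char *str = (char *)malloc(size);
    if (str == NULL) {
        /* Allocation failed: report it instead of writing through NULL. */
        return NULL;
    }
    memcpy(str, input_str, size);
    return str;
}

int main(void) {
    /* Constructed sample input. */
    char *str = dup_checked("constructed sample input");
    if (str == NULL) {
        return EXIT_FAILURE; /* handle the allocation error */
    }
    /* ... */
    free(str);
    str = NULL;
    return EXIT_SUCCESS;
}
```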

...

Fortify SCA Version 5.0 can detect violations of this rule.

Compass/ROSE can detect violations of this rule. In particular, ROSE ensures that any pointer returned by malloc(), calloc(), or realloc() is first checked for NULL before being used (otherwise it is free()-d). ROSE does not handle cases where an allocation is assigned to an lvalue that is not a variable (such as a struct member or a C++ function call returning a reference).

...