Comment: eliminate compliant solution based on runtime assertion and clarified the intent of using a valid() function.

...

void incr(int *intptr) {
  if (intptr == NULL) {
    /* Handle error */
  }
  (*intptr)++;  /* increment the pointed-to int, not the pointer itself */
}

Compliant Solution

...

This incr() function can be improved by using the valid() function. The resulting implementation is less likely to dereference an invalid pointer or write to memory that is outside the bounds of a valid object.

...

The valid() function can be implementation-dependent and perform additional, platform-dependent checks when possible.

Compliant Solution (assertion)

Because invalid pointers are often indicative of a defect in the program, the assert() macro can be used to terminate immediately if an invalid pointer is discovered (see MSC11-C. Incorporate diagnostic tests using assertions).

...

...

In the worst case, the valid() function may only perform the same null-pointer check as the noncompliant code example. However, on platforms where additional pointer validation is possible, the use of a valid() function can provide checks beyond the null test.
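One way a valid() function can carry a platform-dependent check while falling back to the null test elsewhere, as an added example that is not code from this page. Assumptions: the Linux linker symbol _etext and the address-layout check built on it, the HAVE_TEXT_CHECK macro, and an incr() that returns a status instead of void.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: on Linux the linker (GNU ld, lld) defines _etext at the end of
 * program text, and writable data, heap and stack objects sit above it. */
#if defined(__linux__)
extern char _etext;
#define HAVE_TEXT_CHECK 1
#else
#define HAVE_TEXT_CHECK 0   /* worst case: null check only */
#endif

/* Returns nonzero if ptr passes every check this platform offers. */
int valid(const void *ptr) {
  if (ptr == NULL) {
    return 0;
  }
#if HAVE_TEXT_CHECK
  /* Reject addresses at or below the end of program text. */
  if ((uintptr_t)ptr <= (uintptr_t)&_etext) {
    return 0;
  }
#endif
  return 1;
}

/* Returns 0 on success, -1 if the pointer was rejected. */
int incr(int *intptr) {
  if (!valid(intptr)) {
    return -1;              /* handle error: do not dereference */
  }
  (*intptr)++;
  return 0;
}

int main(void) {
  int counter = 41;
  int rc = incr(&counter);
  printf("incr(&counter) -> %d, counter = %d\n", rc, counter);
  printf("incr(NULL)     -> %d\n", incr(NULL));
  return 0;
}
```

Passing this check does not prove a pointer is safe to write through; it only filters out some values that cannot be, which matches the "some invalid pointers" wording of the risk assessment.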

Risk Assessment

A pointer validation function can be used to detect and prevent operations from being performed on some invalid pointers.

...