...
The following example is based on rule MEM02-A. Do not cast the return value from malloc(). The header file stdlib.h contains the function prototype for malloc(). Failing to include stdlib.h causes malloc() to be implicitly declared, so the compiler assumes it returns int rather than a pointer.
```c
/* stdlib.h is not included, so malloc() is called without a prototype */
char *p = malloc(10);
```
Compliant Solution 2

Including stdlib.h ensures that the function prototype for malloc() is declared.

```c
#include <stdlib.h>
...
char *p = malloc(10);
```
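The following program, added here as an illustration and not part of the original rule, models why the missing prototype matters on a 64-bit (LP64) platform: a caller that believes malloc() returns int keeps only the low 32 bits of the returned pointer and then sign-extends them when converting back to a pointer. The function names, the modelled sign-extension behaviour and the sample addresses are constructed for this example; the compliant call at the end uses the real prototype from stdlib.h.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Model of an implicit "int malloc()" declaration: only the low 32 bits of
 * the real return value reach the caller, and the later int-to-pointer
 * conversion sign-extends them. This mirrors typical LP64 ABIs (such as
 * x86-64 Linux); ISO C does not define the behaviour, hence the model. */
uintptr_t implicit_int_return(uintptr_t real_pointer)
{
    uint32_t low = (uint32_t)real_pointer;        /* what fits in an int */
    if (low & 0x80000000u)                         /* sign bit set */
        return (uintptr_t)low | ~(uintptr_t)UINT32_MAX;
    return (uintptr_t)low;
}

/* Returns 1 if the pointer value survives the implicit-int round trip. */
int pointer_survives(uintptr_t real_pointer)
{
    return implicit_int_return(real_pointer) == real_pointer;
}

int main(void)
{
    /* Constructed sample addresses: a typical 64-bit stack address, a
     * typical 64-bit heap address, and a low address that fits in 32 bits. */
    const uintptr_t samples[] = {
        (uintptr_t)0x00007ffd1234abc0ULL,
        (uintptr_t)0x00005555deadbeefULL,
        (uintptr_t)0x0000000000401000ULL,
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("real %#018llx -> seen as %#018llx (intact: %d)\n",
               (unsigned long long)samples[i],
               (unsigned long long)implicit_int_return(samples[i]),
               pointer_survives(samples[i]));
    }

    /* Compliant form: with <stdlib.h> included the full pointer is used. */
    char *p = malloc(10);
    if (p == NULL)
        return 1;
    printf("malloc returned %p; would it survive implicit int? %d\n",
           (void *)p, pointer_survives((uintptr_t)p));
    free(p);
    return 0;
}
```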
...
Failure to specify function prototypes results in undefined, and perhaps unintended, program behavior, which can often lead to system crashes and possible denial-of-service attacks. Examples of vulnerabilities resulting from missing function prototypes include:
- CVE-2002-1236, CAN-2003-0422 - CGI crashes when called without any arguments
- CVE-2002-1531, CAN-2002-1077 - crash in HTTP request without a Content-Length field
- CAN-2002-1358 - empty elements/strings in protocol test suite affect many SSH2 servers/clients
- CAN-2003-0477 - FTP server crashes in PORT command without an argument
- CVE-2002-0107 - resultant infoleak in web server via GET requests without HTTP/1.0 version string
- CAN-2002-0596 - GET request with empty parameter leads to error message infoleak (path disclosure)
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DRAFT | 1 (low) | 1 (unlikely) | 3 (low) | P3 | L3 |