The `calloc()` function takes two arguments: the number of elements to allocate and the storage size of those elements. Typically, `calloc()` function implementations multiply these arguments together to determine how much memory to allocate. Historically, some implementations failed to check if this multiplication could result in an integer overflow [[RUS-CERT Advisory 2002-08:02](http://cert.uni-stuttgart.de/advisories/calloc.php)]. If the result of multiplying the number of elements to allocate and the storage size cannot be represented as a `size_t`, less memory is allocated than was requested. As a result, it is necessary to ensure that these arguments, when multiplied, do not result in an integer overflow.
According to RUS-CERT Advisory 2002-08:02, the following C/C++ implementations of `calloc()` are defective:
...
Modern implementations of the C standard library should check for overflows. If the libraries being used for a particular implementation properly handle possible integer overflows on the multiplication, that is sufficient to comply with this recommendation.
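Where the library's behavior is not known, the check can be made explicit before the call. The following is an added example, not code from the original page; the names `calloc_args_overflow`, `wrapped_product` and `checked_calloc` are hypothetical, and the input values are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Returns 1 when num * size cannot be represented as a size_t.
 * The comparison divides instead of multiplying, so it cannot wrap itself. */
int calloc_args_overflow(size_t num, size_t size)
{
    return size != 0 && num > SIZE_MAX / size;
}

/* What an unchecked implementation would pass to its allocator:
 * unsigned multiplication silently wraps modulo SIZE_MAX + 1. */
size_t wrapped_product(size_t num, size_t size)
{
    return num * size;
}

/* Hypothetical wrapper: rejects the request up front rather than
 * depending on the library's calloc() to detect the overflow. */
void *checked_calloc(size_t num, size_t size)
{
    if (calloc_args_overflow(num, size)) {
        errno = ENOMEM;
        return NULL;
    }
    return calloc(num, size);
}

int main(void)
{
    /* Constructed input: two elements past the largest count whose product fits. */
    size_t num = SIZE_MAX / 8 + 2;
    size_t size = 8;

    printf("requested %zu elements of %zu bytes\n", num, size);
    printf("unchecked product wraps to %zu bytes\n", wrapped_product(num, size));

    long *buf = checked_calloc(num, size);
    if (buf == NULL) {
        puts("checked_calloc: request rejected");
        return 0;
    }
    free(buf);
    return 0;
}
```

With these inputs the unchecked product wraps to 8 bytes, which is the undersized allocation the paragraph above describes.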
Non-Compliant Code Example
...
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
MEM07-A | 3 (high) | 1 (unlikely) | 1 (high) | P3 | L3 |
Comments
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...