The result of calling malloc(0) or calloc() (calloc(1,0), calloc(0,0), or calloc(0,1)) to allocate 0 bytes is undefined. From a practical standpoint, allocating 0 bytes with calloc() and malloc() can lead to programming errors with critical security implications, such as buffer overflows. This occurs because the result of allocating 0 bytes with calloc() and malloc() may not be considered an error, thus the pointer returned may not be NULL. Instead, the pointer may reference a block of memory on the heap of size zero. If memory is fetched from, or stored in, this location, a serious error could occur.
Non-Compliant Code Example
In this example, a dynamic array of integers is allocated to store s elements. However, if s is zero, the call to malloc(s) will return a reference to a block of memory of size 0. When data is copied to this location, a heap-buffer overflow will occur.
```c
/* s is not checked, so it may be 0 when it reaches malloc() */
list = (int*)malloc(s);
if (list == NULL) {
  /* Handle Allocation Error */
}
/* Continue Processing list */
```
Compliant Code Example
To ensure that zero is never passed as a size argument to malloc(), a check must be made on s to ensure it is not zero.
```c
/* Reject a zero size before it reaches malloc() */
if (s == 0) {
  /* Handle Error */
}
list = (int*)malloc(s);
if (list == NULL) {
  /* Handle Allocation Error */
}
/* Continue Processing list */
```
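The same check for the case where s is an element count rather than a byte count, as an added example that is not part of the original page; alloc_int_array, naive_bytes and the alloc_status values are hypothetical names. It goes beyond the page's case by also rejecting counts whose byte size wraps around, because a wrapped product can itself be 0 and reach malloc() despite a non-zero s.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical status codes for this example */
enum alloc_status { ALLOC_OK = 0, ALLOC_ZERO, ALLOC_OVERFLOW, ALLOC_NOMEM };

/* Unchecked byte-size computation, shown only to expose the wrap-around */
size_t naive_bytes(size_t n) {
  return n * sizeof(int);
}

/* Allocate room for n ints; *out is NULL unless ALLOC_OK is returned */
enum alloc_status alloc_int_array(size_t n, int **out) {
  *out = NULL;
  if (n == 0) {
    return ALLOC_ZERO;            /* zero is never passed to malloc() */
  }
  if (n > SIZE_MAX / sizeof(int)) {
    return ALLOC_OVERFLOW;        /* n * sizeof(int) would wrap, possibly to 0 */
  }
  int *p = (int *)malloc(n * sizeof(int));
  if (p == NULL) {
    return ALLOC_NOMEM;
  }
  *out = p;
  return ALLOC_OK;
}

int main(void) {
  /* Constructed inputs: zero, a normal count, and a count that wraps */
  size_t counts[] = { 0, 4, SIZE_MAX / sizeof(int) + 1 };
  for (size_t i = 0; i < sizeof(counts) / sizeof(counts[0]); i++) {
    int *list;
    enum alloc_status st = alloc_int_array(counts[i], &list);
    printf("n=%zu naive_bytes=%zu status=%d\n",
           counts[i], naive_bytes(counts[i]), (int)st);
    free(list);                   /* free(NULL) is a no-op */
  }
  return 0;
}
```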
References
- Seacord 05 Chapter 4, Dynamic Memory Management