...
In this example, input_str is copied into dynamically allocated memory referenced by str. If malloc() }} fails, it returns an invalid (null) pointer that is assigned to {{str. When str is dereferenced in strcpy(), the program behave in an unpredictable manner.
| Code Block |
|---|
...
char *str = malloc(size_of_input_str);
strcpy(str, input);
...
|
...
To correct this error, ensure the pointer returned by malloc() is not invalid (null). In addition to this rule, this should be done in accordance with rule MEM32-C. Detect and handle critical memory allocation errors.
| Code Block |
|---|
... char *str = malloc(size_of_input_str); if (str == NULL) { /* Handle Allocation Error */ } strcpy(str, input_str); ... |
Priority and Level
Dereferencing null pointers typically results in a denial of service condition.
...