...
| Wiki Markup |
|---|
Using {{realloc()}} to resize dynamic memory may inadvertently expose sensitive information, or allow heap inspection as is described in Fortify's Taxonomy of Software Security Errors \[[vulncat|http://vulncat.fortifysoftware.com/2/HI.html]\] and NIST's Source Code Analysis Tool Functional Specification \[[NIST 06b|http://samate.nist.gov/docs/SAMATE_source_code_analysis_tool_spec_09_15_06.pdfAA. C References#NIST 06b]\]. When {{realloc()}} is called it may allocate a new, larger object, copy the contents, of {{secret}} to this new object, {{free()}} the original object, and assign the newly allocated object to {{secret}}. However, the contents of the original object may remain in memory. |
...
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MEM03-A | 2 (medium) | 1 (unlikely) | 3 (low) | P6 | L2 |
References
...
- NIST 06b
- Graff 03 Graff, Mark G. and van Wyk, Kenneth R. Secure Coding Principles & Practices: Designing and Implementing Secure Applications. Sebastopol, CA: O'Reilly & Associates, 2003 (ISBN 0-596-00242-4).
- ISO/IEC 9899-1999 Section 7.20.3, Memory management functions