Code Block (noncompliant: the copy of the secret is freed without being cleared)

#include <stdint.h>
#include <stdlib.h>
#include <string.h>

void process_secret(const char *secret) {
  char *new_secret;
  size_t size = strlen(secret);
  if (size == SIZE_MAX || size == 0) {
    /* Handle Error */
  }

  new_secret = malloc(size+1); /* allocate space + null terminator */
  if (!new_secret) {
    /* Handle Error */
  }
  strcpy(new_secret, secret);

  /* Process new_secret... */

  free(new_secret); /* the secret stays in the freed block until the allocator reuses it */
}


Code Block (compliant: the copy is cleared with memset() before it is freed)

#include <stdint.h>
#include <stdlib.h>
#include <string.h>

void process_secret(const char *secret) {
  char *new_secret;
  size_t size = strlen(secret);
  if (size == SIZE_MAX || size == 0) {
    /* Handle Error */
  }

  new_secret = malloc(size+1); /* allocate space + null terminator */
  if (!new_secret) {
    /* Handle Error */
  }
  strcpy(new_secret, secret);

  /* Process new_secret... */

  memset(new_secret, '\0', size); /* sanitize memory before releasing it */
  free(new_secret);
}
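As an added example (not part of the original page), the compliant pattern above rewritten so that the clearing step cannot be dropped by the compiler: a plain memset() immediately before free() is a dead store that optimizers are entitled to remove, so secure_memzero() writes through a volatile pointer instead (an alternative to C11 Annex K memset_s(), which is not available everywhere). process_secret() and its checksum stand in for the page's "Process new_secret..." placeholder and are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Clear n bytes through a volatile pointer so the stores cannot be treated
 * as dead just because the buffer is freed right afterwards.
 * Returns how many bytes are still non-zero after clearing (0 on success). */
size_t secure_memzero(void *p, size_t n) {
  volatile unsigned char *vp = (volatile unsigned char *)p;
  size_t leftover = 0;
  for (size_t i = 0; i < n; i++) {
    vp[i] = 0;
  }
  for (size_t i = 0; i < n; i++) {
    leftover += (vp[i] != 0);
  }
  return leftover;
}

/* Same shape as the compliant example on the page: copy the secret to the
 * heap, use it, clear the copy, then free it. The checksum is a stand-in for
 * "Process new_secret..." (an assumption for this example); 0 means error. */
unsigned process_secret(const char *secret) {
  size_t size = strlen(secret);
  if (size == SIZE_MAX || size == 0) {
    return 0; /* Handle Error */
  }
  char *new_secret = malloc(size + 1); /* allocate space + null terminator */
  if (!new_secret) {
    return 0; /* Handle Error */
  }
  memcpy(new_secret, secret, size + 1);

  unsigned sum = 0;
  for (size_t i = 0; i < size; i++) {
    sum = sum * 31u + (unsigned char)new_secret[i];
  }

  secure_memzero(new_secret, size + 1); /* whole allocation, not just size */
  free(new_secret);
  return sum;
}
```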

Risk Assessment

References

http://vulncat.fortifysoftware.com/2/HI.html
http://samate.nist.gov/docs/SAMATE_source_code_analysis_tool_spec_09_15_06.pdf
MEM33-C. Do not assume memory allocation routines initialize memory