...
{code}
...
new_buff = malloc(strlen(secret)+1);
if (!new_buff) {
  /* Handle Error */
}
strcpy(new_buff, secret);
/* Process new_buff... */
/* free() does not clear the block: the copy of secret remains in heap memory */
free(new_buff);
...
{code}
Compliant Solution 1
h2. Non-Compliant Code Example 2
...
Using {{realloc()}} to resize dynamic memory may allow heap inspection attacks. {{realloc()}} may allocate a new, larger block of memory, copy the contents of {{buffer}} to this new block, {{free()}} the original block, and assign the newly allocated block to {{buffer}}. However, the contents of the original block may remain in heap memory after being marked for deallocation.
...
{code:bgColor=#FFcccc}
...
buffer = realloc(buffer, new_size);
...
{code}
Compliant Solution 2
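One way to resize a buffer that holds sensitive data without leaving the old copy in the heap, shown as an added example rather than the original page's compliant solution: allocate the new block, copy the data, clear the original, then free it. The names {{resize_sensitive}}, {{clear_bytes}} and {{demo_resize}} and the sample secret are assumptions made for this example.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: zero n bytes through a volatile pointer so the stores
 * are not optimized away as dead writes just before free(). */
static void clear_bytes(void *p, size_t n) {
    volatile unsigned char *vp = p;
    while (n--) {
        *vp++ = 0;
    }
}

/* Hypothetical stand-in for realloc() on buffers that hold secrets.
 * old_size comes from the caller, since C offers no portable way to query it;
 * new_size must be non-zero. Returns NULL on failure, leaving buffer as is. */
void *resize_sensitive(void *buffer, size_t old_size, size_t new_size) {
    void *temp = calloc(new_size, 1); /* zero-filled, so no stale heap data */
    if (temp == NULL) {
        return NULL;
    }
    if (buffer != NULL) {
        memcpy(temp, buffer, old_size < new_size ? old_size : new_size);
        clear_bytes(buffer, old_size); /* scrub the original before free() */
        free(buffer);
    }
    return temp;
}

/* Constructed demo: returns 1 if the data survived the resize, -1 on OOM. */
int demo_resize(void) {
    static const char secret[] = "constructed-secret"; /* sample value */
    char *buffer = malloc(sizeof secret);
    if (buffer == NULL) {
        return -1;
    }
    memcpy(buffer, secret, sizeof secret);
    char *bigger = resize_sensitive(buffer, sizeof secret, 4 * sizeof secret);
    if (bigger == NULL) {
        clear_bytes(buffer, sizeof secret);
        free(buffer);
        return -1;
    }
    int ok = memcmp(bigger, secret, sizeof secret) == 0;
    clear_bytes(bigger, 4 * sizeof secret);
    free(bigger);
    return ok;
}

int main(void) { return demo_resize() == 1 ? 0 : 1; }
```

Where the platform provides them, {{memset_s()}} or {{explicit_bzero()}} can take the place of the volatile loop.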