Comment: free allocated memory

...

/* ... */
size_t size = strlen(input_str);
if (size == SIZE_MAX) { /* test for limit of size_t */
  /* Handle Error */
}
str = malloc(size+1);
strcpy(str, input_str);
/* ... */
free(str);

Note that in accordance with rule [MEM35-C. Allocate sufficient memory for an object], the argument supplied to malloc() is checked to ensure a numeric overflow does not occur.

...

/* ... */
size_t size = strlen(input_str);
if (size == SIZE_MAX) { /* test for limit of size_t */
  /* Handle Error */
}
str = malloc(size+1);
if (str == NULL) {
  /* Handle Allocation Error */
}
strcpy(str, input_str);
/* ... */
free(str);
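
One way to fill in the "Handle Allocation Error" placeholder above, shown as an added example that is not part of the original page: the copy is wrapped in a function that reports failure to its caller, and the allocator is passed in so the failure path can be exercised. The names dup_checked, alloc_fn and failing_alloc are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Same signature as malloc(), so a test can pass in an allocator that fails. */
typedef void *(*alloc_fn)(size_t);

/* Hypothetical allocator that always fails, simulating memory exhaustion. */
static void *failing_alloc(size_t n) {
  (void)n;
  return NULL;
}

/*
 * Hypothetical helper: copy input_str into newly allocated storage.
 * Returns NULL when input_str is NULL, when size + 1 would wrap, or when
 * the allocator fails. The caller frees a non-NULL result.
 */
static char *dup_checked(const char *input_str, alloc_fn alloc) {
  if (input_str == NULL) {
    return NULL;
  }
  size_t size = strlen(input_str);
  if (size == SIZE_MAX) { /* test for limit of size_t */
    return NULL;
  }
  char *str = alloc(size + 1);
  if (str == NULL) {
    return NULL; /* allocation failed: strcpy() is never reached */
  }
  strcpy(str, input_str);
  return str;
}

int main(void) {
  char *ok = dup_checked("constructed sample", malloc);
  char *bad = dup_checked("constructed sample", failing_alloc);
  printf("malloc: %s\n", ok != NULL ? ok : "(allocation failed)");
  printf("failing_alloc: %s\n", bad != NULL ? bad : "(allocation failed)");
  free(ok);
  free(bad); /* free(NULL) is a no-op */
  return 0;
}
```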

Risk Assessment

Dereferencing an invalid pointer results in undefined behavior, typically abnormal program termination. In some situations, however, dereferencing a null pointer can lead to the execution of arbitrary code [van Sprundel 06, Jack 07]. The indicated severity is for this more severe case; on platforms where it is not possible to exploit a null pointer dereference to execute arbitrary code, the actual severity is low.

...