SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 8

changes.mady.by.user rlane

Saved on

compared with

New Version 9

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The stack is often frequently used for convenient temporary storage, since because allocated memory will is automatically be freed when the function returns. However, most methods of stack allocation have no way to report failure due to lack of memory or collision. Instead of returning an error code, a failure to grow the autostack results in the process being killed. If user input is able to influence the amount of stack memory allocated then an attacker could use this in a denial-of-service attack.

Dynamic

...

Arrays

C99 includes support for variable length arrays. If the value used for the length of the array is taken from user input, an attacker could cause the program to use a large number of stack pages, possibly resulting in the process being killed due to lack of memory, or simply cause the stack pointer to point to a different region of memory. The latter could result in a page fault and the process being killed or a write to an arbitrary memory location. An easy solution is to use the malloc family of functions to allocate and free memory, and handle any errors that malloc returns.

...