...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdlib.h>
int f(void) {
enum { BUFFER_SIZE = 32 };
char *text_buffer = (char *)malloc(BUFSIZ(BUFFER_SIZE);
if (text_buffer == NULL) {
return -1;
}
return 0;
} |
Compliant Solution (free())
In this compliant solution, the pointer is deallocated with a call to free().
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdlib.h> int f(void) { enum { BUFFER_SIZE = 32 }; char *text_buffer = (char *)malloc(BUFFER_SIZE); if (text_buffer == NULL) { return -1; } free(text_buffer); return 0; } |
Compliant Solution (static storage duration)
In this compliant solution, the pointer object that stores the return value from malloc() is stored in a variable of static storage duration.
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdlib.h> char *text_buffer; int f(void) { enum { BUFFER_SIZE = 32 }; static char *text_buffer = (char *)malloc(BUFSIZBUFFER_SIZE); if (text_buffer == NULL) { return -1; } return 0; } |
Risk Assessment
Freeing Failing to free memory multiple times can result in an attacker executing arbitrary code with the permissions of the vulnerable processthe exhaustion of system memory resources, which can lead to a denial-of-service attack.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MEM31-C | HighMedium | Probable | Medium | P12P6 | L1L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| RESOURCE_LEAK | Finds resource leaks from variables that go out of scope while owning a resource | |||||||
5.0 | |||||||||
| MLK | ||||||||
| 484 S | Fully implemented | |||||||
|
...