...

void func(size_t size) {
  /* size comes straight from the caller: nothing guarantees it is
     nonzero or small enough to fit on the stack. */
  int vla[size];
  /* ... */
}
/* ... */

However, nothing guarantees that size is a valid size argument. The C standard requires the size expression of a variable length array to evaluate to a value greater than zero; a value of zero is undefined behavior, and a very large value (for instance a negative int converted to size_t, or an attacker-controlled length) can exhaust the stack or wrap the array's total size. Either outcome is a potential security vulnerability.

...

enum { MAX_ARRAY = 1024 };

void func(size_t size) {
  /* Only declare the VLA when size is strictly positive and bounded
     by a limit known to fit comfortably on the stack. */
  if (0 < size && size < MAX_ARRAY) {
    int vla[size];
    /* ... */
  } else {
    /* Use dynamic allocation (e.g., malloc) and check its result. */
  }
}
/* ... */
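The following is an added example, not code from the CERT page, that carries the compliant pattern through to a complete function: it rejects a zero size, uses the VLA only below MAX_ARRAY, and otherwise falls back to the heap with an overflow-checked multiplication. It also shows the INT01-C side of the problem, converting an untrusted int into a size_t without letting a negative value wrap to a huge size. The names process, process_from_int, fill_and_sum, checksum_of and path_used are illustrative and assumed here; the 7-element fill pattern is constructed for the demonstration only.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

enum { MAX_ARRAY = 1024 };

/* Fill buf[0..n) with a repeating pattern (constructed for the example)
   and return the sum of the values written, so the result is observable. */
static unsigned long fill_and_sum(int *buf, size_t n) {
    unsigned long sum = 0;
    for (size_t i = 0; i < n; i++) {
        buf[i] = (int)(i % 7);
        sum += (unsigned long)buf[i];
    }
    return sum;
}

/* Hypothetical worker. Returns 0 on success and -1 if size is out of range
   or the heap fallback fails. *used_heap is set to 1 when the fallback path
   was taken, 0 when the VLA was used. */
int process(size_t size, int *used_heap, unsigned long *checksum) {
    *used_heap = 0;
    *checksum = 0;

    /* A zero-length VLA is undefined behavior (C11 6.7.6.2): reject it. */
    if (size == 0) {
        return -1;
    }

    /* Small, bounded sizes may live on the stack. */
    if (size < MAX_ARRAY) {
        int vla[size];
        *checksum = fill_and_sum(vla, size);
        return 0;
    }

    /* Anything larger goes to the heap. Guard the byte-count multiplication
       against wrapping before calling malloc. */
    if (size > SIZE_MAX / sizeof(int)) {
        return -1;
    }
    int *heap = malloc(size * sizeof *heap);
    if (heap == NULL) {
        return -1;
    }
    *used_heap = 1;
    *checksum = fill_and_sum(heap, size);
    free(heap);
    return 0;
}

/* Untrusted callers often hand over an int. A negative value converted to
   size_t becomes enormous, so reject it before the conversion (INT01-C). */
int process_from_int(int requested, int *used_heap, unsigned long *checksum) {
    if (requested <= 0) {
        return -1;
    }
    return process((size_t)requested, used_heap, checksum);
}

/* Small wrappers so a caller (or a test) can inspect the outcome by value. */
unsigned long checksum_of(size_t size) {
    int used_heap;
    unsigned long sum;
    return process(size, &used_heap, &sum) == 0 ? sum : 0;
}

/* -1 on rejection, 0 when the VLA path ran, 1 when the heap path ran. */
int path_used(size_t size) {
    int used_heap;
    unsigned long sum;
    return process(size, &used_heap, &sum) == 0 ? used_heap : -1;
}

int main(void) {
    /* Stand-alone run: exercise the stack path, heap path and rejections. */
    return (path_used(10) == 0 && path_used(1024) == 1 &&
            path_used(0) == -1 && path_used(SIZE_MAX) == -1) ? 0 : 1;
}
```

The size cut-off is the same MAX_ARRAY the page uses; in real code it should be chosen against the actual stack budget of the thread that runs the function, and the heap fallback keeps the overflow check so that a huge size fails cleanly instead of allocating a too-small buffer.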

Implementation Details

Microsoft

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C Secure Coding Standard: INT01-C. Use rsize_t or size_t for all integer values representing the size of an object
ISO/IEC TR 24772:2013: Unchecked Array Indexing [XYZ]
ISO/IEC TS 17961 (Draft): Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink [taintsink]

Bibliography

[ISO/IEC 9899:2011] Annex J, J.2, "Undefined behavior"
[Griffiths 2006]

...