...
| Wiki Markup |
|---|
A small collection of macros can provide secure implementations for common uses for the standard memory allocation functions. The omission of a {{REALLOC()}} macro is intentional (see \[[MEM08-A. Use realloc() only to resize dynamically allocated arrays]\]). |
| Code Block | ||
|---|---|---|
| ||
/* allocates a single object using malloc(). */
#define MALLOC(type) ((type *)malloc(sizeof(type)))
/* allocates an array of objects using malloc(). */
#define MALLOC_ARRAY(number, type) \
((type *)malloc(number * sizeof(type)))
/* allocates a single object with a flexible array member using malloc(). */
#define MALLOC_FLEX(stype, number, etype) \
((stype *)malloc(sizeof(stype) + number * sizeof(etype)))
/* allocates an array of objects using calloc(). */
#define CALLOC(number, type) \
((type *)calloc(number, sizeof(type)))
/* reallocates an array of objects using realloc(). */
#define REALLOC_ARRAY(pointer, number, type) \
((type *)realloc(pointer, number * sizeof(type)))
/* reallocates a single object with a flexible array member using realloc(). */
#define REALLOC_FLEX(pointer, stype, number, etype) \
((stype *)realloc(pointer, sizeof(stype) + number * sizeof(etype)))
|
...
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MEM02-A | 1 (low) | 1 (unlikely) | 3 (low) | P3 | L3 |
Automated Detection
The LDRA tool suite V 7.6.0 is able to detect violations of this recommendation.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...