SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 111

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version 112

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

LDRA tool suite

can

Can detect the specific instances where

Memory

memory is deallocated more than once or

Read

read/

Write to

written to the target of a freed pointer

section

.

Tool

Version

Checker

Description

Section
Include Page
LDRA_V
LDRA_V
section

51 D

section

Fully

Implementedsection

implemented.

Fortify SCA

section

V. 5.0

 

 

section

Splint

Include Page
Splint_V
Splint_V

 

 

section

Compass/ROSE

 

 

 

section

Coverity Prevent

Include Page
Coverity_V
Coverity_V
section

USE_AFTER_FREE

Section

Klocwork

Include Page
Klocwork_V
Klocwork_V
section

UFM.DEREF.MIGHT
UFM.DEREF.MUST
UFM.RETURN.MIGHT
UFM.RETURN.MUST
UFM.USE.MIGHT
UFM.USE.MUST

 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

ISO/IEC TR 24772 "DCM Dangling references to stack frames" and "XYK Dangling Reference reference to Heapheap"

MISRA Rule 17.6

MITRE CWE: CWE-416, "Use After Freeafter free"

Bibliography

[Kernighan 1988] Section 7.8.5, "Storage Managementmanagement"
[OWASP Freed Memory]
[Seacord 2005a] Chapter 4, "Dynamic Memory Management"
[Viega 2005] Section 5.2.19, "Using freed memory"
[xorl 2009] "CVE-2009-1364: LibWMF Pointer Use after free()"

...