Versions Compared

Comment: added related vulnerability- xorl 2009-1364

...

Klocwork Version 8.0.4.16 can detect violations of this rule with the UFM.DEREF.MIGHT, UFM.DEREF.MUST, UFM.FFM.MIGHT, UFM.FFM.MUST, UFM.PARAMPASS.MIGHT, UFM.PARAMPASS.MUST, UFM.RETURN.MIGHT, UFM.RETURN.MUST, UFM.USE.MIGHT, and UFM.USE.MUST checkers.

Related Vulnerabilities

CVE-2009-1364 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1364) results from a violation of this rule. Version 0.2.8.4 of libwmf reallocates memory (with realloc) and stores the returned pointer under a different name, yet continues to use the original name. The C standard specifies that if the memory's location is moved, then the original copy is freed, so an attacker can execute arbitrary code by accessing the freed memory [xorl 2009].
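The realloc pattern described above, next to a compliant form, as an added example that is not taken from this page or from libwmf. The names struct buf, buf_append and buf_free are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable buffer (an assumption; not libwmf's own structure). */
struct buf { unsigned char *data; size_t len, cap; };

/* Pattern the paragraph describes, kept as a comment so it is never run:
 *     unsigned char *more = realloc(b->data, new_cap);
 *     memcpy(b->data + b->len, src, n);    <- b->data may already be freed
 * If realloc moved the block, only `more` is valid and b->data dangles. */

/* Append n bytes. Returns 0 on success, -1 on size overflow or allocation
 * failure; on failure the buffer is unchanged and still owned by the caller. */
int buf_append(struct buf *b, const void *src, size_t n)
{
    if (n == 0) return 0;
    if (n > SIZE_MAX - b->len) return -1;       /* b->len + n would wrap */
    size_t need = b->len + n;
    if (need > b->cap) {
        size_t new_cap = b->cap ? b->cap : 16;
        while (new_cap < need)
            new_cap = (new_cap > SIZE_MAX / 2) ? need : new_cap * 2;
        unsigned char *more = realloc(b->data, new_cap);
        if (more == NULL) return -1;            /* old block stays valid */
        b->data = more;     /* rebind the single name all later code uses */
        b->cap = new_cap;
    }
    memcpy(b->data + b->len, src, n);
    b->len = need;
    return 0;
}

void buf_free(struct buf *b)
{
    free(b->data);
    b->data = NULL;         /* nothing left to dereference by accident */
    b->len = b->cap = 0;
}

int main(void)
{
    struct buf b = {0};
    for (int i = 0; i < 1000; i++)              /* forces several regrowths */
        if (buf_append(&b, "abcd", 4) != 0) return 1;
    int ok = b.len == 4000 && memcmp(b.data + 3996, "abcd", 4) == 0;
    buf_free(&b);
    return ok ? 0 : 1;
}
```

Building this with AddressSanitizer (-fsanitize=address) and swapping in the commented pattern is a quick way to see the stale pointer reported as a heap-use-after-free.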

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

[ISO/IEC 9899:1999] Section 7.20.3.2, "The free function"
[ISO/IEC PDTR 24772] "DCM Dangling references to stack frames" and "XYK Dangling Reference to Heap"
[Kernighan 88] Section 7.8.5, "Storage Management"
[MISRA 04] Rule 17.6
[MITRE 07] CWE ID 416 (http://cwe.mitre.org/data/definitions/416.html), "Use After Free"
[OWASP Freed Memory]
[Seacord 05a] Chapter 4, "Dynamic Memory Management"
[Viega 05] Section 5.2.19, "Using freed memory"
[xorl 2009]

...
