...
Program stacks are frequently used for convenient temporary storage because allocated memory is automatically freed when the function returns. Generally, the operating system will grow the stack as needed. However, growing the stack can fail due to a lack of memory or collision with other allocated areas of the address space (depending on the architecture). When the stack is exhausted, the operating system may terminate the program abnormally. This behavior can be exploited, and an attacker can cause a denial-of-service attack in situations where the attacker can control or influence the amount of stack memory allocated.
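The following sketch is an added illustration, not code from this guideline: it contrasts temporary storage whose size is taken from input with a bounded heap allocation that can report failure. The function names and the 64 KiB limit `MAX_RECORD_LEN` are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_RECORD_LEN (64u * 1024u)   /* assumed application limit */

/* Weak form: len is taken from the input, so whoever supplies the record
 * decides how much stack is consumed. If the stack cannot grow that far,
 * the process is terminated; there is no error path to recover on. */
int checksum_record_stack(const unsigned char *data, size_t len) {
    unsigned char scratch[len ? len : 1];   /* VLA sized by untrusted value */
    unsigned int sum = 0;
    memcpy(scratch, data, len);
    for (size_t i = 0; i < len; i++) {
        sum += scratch[i];
    }
    return (int)(sum & 0xffffu);
}

/* Hardened form: bound the request, allocate from the heap, and return
 * -1 so the caller can handle an oversized record or a failed allocation. */
int checksum_record_heap(const unsigned char *data, size_t len) {
    if (data == NULL || len == 0 || len > MAX_RECORD_LEN) {
        return -1;
    }
    unsigned char *scratch = malloc(len);
    if (scratch == NULL) {
        return -1;
    }
    unsigned int sum = 0;
    memcpy(scratch, data, len);
    for (size_t i = 0; i < len; i++) {
        sum += scratch[i];
    }
    free(scratch);
    return (int)(sum & 0xffffu);
}

int main(void) {
    const unsigned char rec[] = { 1, 2, 3, 4 };   /* constructed sample record */
    printf("stack: %d\n", checksum_record_stack(rec, sizeof rec));
    printf("heap:  %d\n", checksum_record_heap(rec, sizeof rec));
    /* The oversized length is rejected before the buffer is read. */
    printf("oversized: %d\n", checksum_record_heap(rec, MAX_RECORD_LEN + 1u));
    return 0;
}
```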
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
CERT C++ Secure Coding Standard: MEM05-CPP. Avoid large stack allocations
ISO/IEC 9899:1999 Section 6.7.5.2, "Array declarators," and Section 7.20.3, "Memory management functions"
ISO/IEC PDTR 24772 "GDL Recursion"
MISRA 2004 Rule 16.2
Bibliography
[Loosemore 2007] Section 3.2.5, "Automatic Storage with Variable Size" (http://www.gnu.org/software/libc/manual/html_mono/libc.html#Variable-Size-Automatic)
[MISRA 2004] Rule 16.2
[Seacord 2005a] Chapter 4, "Dynamic Memory Management"
[van Sprundel 2006] "Stack Overflow" (http://ilja.netric.org/files/Unusual%20bugs.pdf)
...