SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 113

changes.mady.by.user Andrew Keeton

Saved on

compared with

New Version 114

changes.mady.by.user Andrew Keeton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This rule appears in the C++ Secure Coding Standard as MEM03-CPP. Clear sensitive information stored in reusable resources returned for reuse.

References

Wiki Markup
\[[Black 07|AA. C References#Black 07]\]
\[[Fortify 06|AA. C References#Fortify 06]\]
\[[Graff 03|AA. C References#Graf 03]\]
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.20.3, "Memory management functions"
\[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "XZK Sensitive Information Uncleared Before Use"

Wiki Markup
\[[MITRE 07|AA. C References#MITRE 07]\] [CWE ID 226|http://cwe.mitre.org/data/definitions/226.html], "Sensitive Information Uncleared Before Release," [CWE ID 244|http://cwe.mitre.org/data/definitions/244.html], and "Failure to Clear Heap Memory Before Release"
\[[Black 07|AA. C References#Black 07]\]

...

      08. Memory Management (MEM)      MEM04-C. Do not perform zero length allocations