...
This noncompliant code example is derived from a real-world example taken from a vulnerable version of the libpng
library as deployed on a popular ARM-based cell phone [Jack 2007]. The libpng
library implements its own wrapper around malloc()
that returns a null pointer on error or when passed a 0-byte length argument.
...
```c
#include <png.h> /* libpng: png_charp, png_malloc() */

png_charp chunkdata;

/* png_ptr and length are assumed to be declared by the surrounding code. */
int f(void) {
  chunkdata = (png_charp)png_malloc(png_ptr, length + 1);
  if (NULL == chunkdata) {
    return -1; /* Indicate failure */
  }
  /* ... */
  return 0;
}
```
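The following is an added example, not code from libpng or from the original page, showing how the null check interacts with a wrapper that returns a null pointer for a 0-byte request. The names `wrapper_malloc` and `copy_chunk` are hypothetical, and `length` is assumed to be a `size_t`, so `length + 1` wraps to 0 when `length` is `SIZE_MAX`.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the wrapper described above: returns a
 * null pointer on allocation failure or when asked for 0 bytes. */
static void *wrapper_malloc(size_t size) {
  if (size == 0) {
    return NULL;
  }
  return malloc(size);
}

/* Copy `length` bytes from src into a new NUL-terminated buffer.
 * Returns 0 on success, -1 on failure; *out is written only on success. */
int copy_chunk(const char *src, size_t length, char **out) {
  char *chunkdata;

  if (src == NULL || out == NULL) {
    return -1;
  }
  /* length + 1 wraps to 0 when length == SIZE_MAX; the wrapper would
   * then return NULL. Reject the value before doing the arithmetic. */
  if (length == SIZE_MAX) {
    return -1;
  }
  chunkdata = wrapper_malloc(length + 1);
  if (chunkdata == NULL) {
    return -1; /* Indicate failure; never index through a null pointer */
  }
  memcpy(chunkdata, src, length);
  chunkdata[length] = '\0'; /* Safe: the buffer holds length + 1 bytes */
  *out = chunkdata;
  return 0;
}

int main(void) {
  char *buf = NULL;
  int rc = copy_chunk("IDAT", 4, &buf); /* constructed sample input */
  free(buf);
  return rc == 0 ? 0 : 1;
}
```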
...