...

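```c
#include <stdlib.h>

enum { BUFSIZE = 256 };

void f(void) {
  char buf[BUFSIZE];  /* automatic storage, not obtained from the allocator */
  /* Noncompliant: realloc() receives a pointer that was never returned by
     malloc(), calloc() or realloc(), which is undefined behavior. */
  char *p = (char *)realloc(buf, 2 * BUFSIZE);
  if (p == NULL) {
    /* handle error */
  }
}
```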

Compliant Solution (realloc())

...

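```c
#include <stdlib.h>

enum { BUFSIZE = 256 };

void f(void) {
  /* buf is either NULL or a pointer returned by malloc(), so it is a
     valid argument to realloc(). */
  char *buf = (char *)malloc(BUFSIZE * sizeof(char));
  char *p = (char *)realloc(buf, 2 * BUFSIZE);
  if (p == NULL) {
    /* handle error; a failed realloc() leaves the original block allocated */
    free(buf);
    return;
  }
  /* ... use p ... */
  free(p);
}
```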

Note that realloc() will behave properly even if malloc() failed, because when given a null pointer, realloc() behaves like a call to malloc().
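A common place for this defect is a buffer that starts in automatic storage and later has to grow. The following added example (not part of the original page; `struct gbuf` and its functions are hypothetical names) records whether the storage came from the allocator, so that `realloc()` and `free()` only ever receive allocator-owned pointers.

```c
#include <stdlib.h>
#include <string.h>
enum { BUFSIZE = 256 };
/* Hypothetical growable buffer that starts in caller-supplied storage. */
struct gbuf {
  char *data;
  size_t cap;
  int on_heap; /* nonzero only if data came from malloc()/realloc() */
};

void gbuf_init(struct gbuf *g, char *initial, size_t cap) {
  *g = (struct gbuf){ initial, cap, 0 };
}

/* Returns 0 on success; on failure returns -1 and leaves the buffer valid. */
int gbuf_grow(struct gbuf *g, size_t new_cap) {
  char *p;
  if (new_cap <= g->cap) return 0;
  if (g->on_heap) {
    p = (char *)realloc(g->data, new_cap); /* allocator-owned: allowed */
  } else {
    p = (char *)malloc(new_cap); /* never realloc() the initial storage */
    if (p != NULL) memcpy(p, g->data, g->cap);
  }
  if (p == NULL) return -1;
  g->data = p;
  g->cap = new_cap;
  g->on_heap = 1;
  return 0;
}

/* Hand back to free() only what the allocator returned. */
void gbuf_release(struct gbuf *g) {
  if (g->on_heap) free(g->data);
  gbuf_init(g, NULL, 0);
}

/* Constructed usage: returns 1 if the contents survive two growth steps. */
int gbuf_demo(void) {
  char stack_buf[BUFSIZE];
  struct gbuf g;
  int ok;
  memset(stack_buf, 'A', sizeof stack_buf);
  gbuf_init(&g, stack_buf, sizeof stack_buf);
  ok = gbuf_grow(&g, 2 * BUFSIZE) == 0 && g.on_heap && g.data != stack_buf;
  ok = ok && gbuf_grow(&g, 4 * BUFSIZE) == 0 && g.data[BUFSIZE - 1] == 'A';
  gbuf_release(&g);
  return ok;
}
```

The first growth step copies out of the stack array with `malloc()` and `memcpy()`; only the second step, when the data is already on the heap, calls `realloc()`.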

Risk Assessment

Freeing or reallocating memory that was not dynamically allocated can lead to arbitrary code execution if that memory is reused by malloc().

...