Freeing memory multiple times has similar consequences to accessing memory after it is freed. The underlying data structures that manage the heap can become corrupted in a way that could introduce security vulnerabilities into a program. These types of issues are referred to as double-free vulnerabilities. In practice, double-free vulnerabilities can be exploited to execute arbitrary code. VU#623332, which describes a double-free vulnerability in the MIT Kerberos 5 function krb5_recvauth(), is one example.
To eliminate double-free vulnerabilities, it is necessary to guarantee that dynamic memory is freed exactly one time. Programmers should be wary when freeing memory in a loop or conditional statement; if coded incorrectly, these constructs can lead to double-free vulnerabilities. It is also a common error to misuse the realloc() function in a manner that results in double-free vulnerabilities (see MEM04-A. Do not perform zero length allocations).
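The following is an added example, not code from the CERT page, showing one way to honour both points above: a hypothetical grow_buffer() that rejects zero-length realloc() requests and never loses ownership of the original block on failure, and a release_buffer() that frees exactly once and nulls the pointer.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Resize *buf to new_size bytes. Returns 0 on success, -1 on failure.
 * On failure *buf is untouched and still owned by the caller, so the
 * caller's single free() remains correct. On success the old block has
 * already been released by realloc() and must not be freed again.
 * A zero-length request is rejected (MEM04-A): realloc(p, 0) may free p
 * and return NULL, after which a caller that still frees p frees twice. */
int grow_buffer(unsigned char **buf, size_t new_size) {
    if (buf == NULL || new_size == 0) {
        return -1;
    }
    unsigned char *tmp = realloc(*buf, new_size);
    if (tmp == NULL) {
        return -1;            /* *buf is still valid; ownership unchanged */
    }
    *buf = tmp;               /* old pointer is now stale; never free it */
    return 0;
}

/* Release a buffer exactly once: free() it, then null the pointer so a
 * second call through the same variable is a harmless free(NULL). */
void release_buffer(unsigned char **buf) {
    if (buf != NULL) {
        free(*buf);
        *buf = NULL;
    }
}

/* Constructed walk-through: allocate, grow, reject a zero-length grow,
 * then release twice. Returns the retained size (64) or -1 on failure. */
long demo(void) {
    unsigned char *buf = malloc(16);
    if (buf == NULL) return -1;
    memset(buf, 'A', 16);
    if (grow_buffer(&buf, 64) != 0) { release_buffer(&buf); return -1; }
    if (grow_buffer(&buf, 0) == 0) { release_buffer(&buf); return -1; }
    long kept = (buf[15] == 'A') ? 64 : -1;   /* contents preserved by realloc */
    release_buffer(&buf);
    release_buffer(&buf);     /* second release: buf is NULL, no double free */
    return kept;
}
```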
Non-Compliant Code Example
...
```c
if (number > SIZE_MAX/sizeof(int)) {
  /* handle overflow */
}
x = (int *)malloc(number * sizeof(int));
if (x == NULL) {
  /* Handle Allocation Error */
}
/* ... */
if (error_condition == 1) {
  /* Handle Error Condition */
}
/* ... */
free(x);
x = NULL;
```
...
Note that this solution checks for numeric overflow (see INT32-C. Ensure that operations on signed integers do not result in overflow).
Risk Assessment
Freeing memory multiple times can result in an attacker executing arbitrary code with the permissions of the vulnerable process.
...