...

Code Block
const char *p;
void dont_do_this(void) {
  const char c_str[] = "This will change";
  p = c_str; /* Dangerous */
  /* ... */
}

void innocuous(void) {
  const char c_str[] = "Surprise, surprise";
}

int main(void) {
  dont_do_this();
  innocuous();  /* p might be pointing to "Surprise, surprise". */

  return 0;
}

Compliant Solution (Similar Scope)

...

Code Block
void this_is_OK(void) {
  const char c_str[] = "Everything OK";
  const char *p = c_str;
  /* ... */
}
/* p is inaccessible outside the scope of string c_str. */

Alternatively, both p and c_str could be declared with static scope.

...

Code Block
void squirrel_away(char **ptr_param) {
  char local[10];
  /* Initialize array */
  *ptr_param = local;
}

void rodent(void) {
  char *ptr;
  squirrel_away(&ptr);
  /* ptr is live but invalid here. */
}

Compliant Solution 

The variable local has static storage duration, so ptr is live and valid in the function rodent():

Code Block
char local[10];

void squirrel_away(char **ptr_param) {
  /* Initialize array */
  *ptr_param = local;
}

void rodent(void) {
  char *ptr;
  squirrel_away(&ptr);
  /* ptr is live and valid here. */
}
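
The static array above is shared by every caller of squirrel_away(). As an added example (not part of the original page), here are two other ways to keep the pointed-to object alive after the callee returns: caller-owned storage and allocated storage. The names squirrel_fill, squirrel_alloc, rodent_demo and the SQ_* status codes are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum { SQ_OK = 0, SQ_BADARG = -1, SQ_TOOBIG = -2, SQ_NOMEM = -3 };

/* Option 1: the caller owns the buffer, so the object's lifetime is the
 * caller's, not the callee's. Refuses input that would not fit. */
int squirrel_fill(char *buf, size_t size, const char *src) {
  if (buf == NULL || src == NULL || size == 0) {
    return SQ_BADARG;
  }
  size_t len = strlen(src);
  if (len >= size) {
    return SQ_TOOBIG; /* no silent truncation */
  }
  memcpy(buf, src, len + 1);
  return SQ_OK;
}

/* Option 2: allocated storage duration. The object lives until free(), so
 * *ptr_param stays valid after return. The caller must free() it. */
int squirrel_alloc(char **ptr_param, const char *src) {
  if (ptr_param == NULL || src == NULL) {
    return SQ_BADARG;
  }
  size_t len = strlen(src);
  char *copy = malloc(len + 1);
  *ptr_param = copy; /* NULL on failure, never indeterminate */
  if (copy == NULL) {
    return SQ_NOMEM;
  }
  memcpy(copy, src, len + 1);
  return SQ_OK;
}

/* Returns 1 when both pointers are live and valid in the caller. */
int rodent_demo(void) {
  char mine[10]; /* outlives the call to squirrel_fill() */
  char *heap = NULL;
  if (squirrel_fill(mine, sizeof mine, "acorn") != SQ_OK) { return 0; }
  if (squirrel_alloc(&heap, "walnut") != SQ_OK) { return 0; }
  int ok = strcmp(mine, "acorn") == 0 && strcmp(heap, "walnut") == 0;
  free(heap);
  return ok;
}

int main(void) { return rodent_demo() ? 0 : 1; }
```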

Risk Assessment

Referencing an object outside of its lifetime can result in an attacker being able to run arbitrary code.

...