...
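```c
#include <stdlib.h>
#include <string.h>

#define BUFSIZE 256 /* assumed size; the excerpt does not define it */

int main(int argc, char *argv[]) {
  char *buff;
  if (argc < 2) {
    return EXIT_FAILURE; /* argv[1] is required */
  }
  buff = (char *)malloc(BUFSIZE);
  if (!buff) {
    /* handle error condition */
    return EXIT_FAILURE;
  }
  /* ... */
  strncpy(buff, argv[1], BUFSIZE-1);
  buff[BUFSIZE-1] = '\0'; /* strncpy does not terminate a truncated copy */
  /* ... */
  free(buff);
  buff = NULL; /* no dangling pointer remains after the free */
  return EXIT_SUCCESS;
}
```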
Risk Assessment
Reading memory that has already been freed can lead to abnormal program termination and denial-of-service attacks. Writing memory that has already been freed can lead to the execution of arbitrary code with the permissions of the vulnerable process.
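A read of freed memory of the kind described above commonly hides in list teardown, where the loop increment dereferences a node that was just released. The following is an added example, not code from the original page: `struct node`, `list_push`, `list_free_noncompliant` and `list_free` are hypothetical names, and the corrected routine also clears the caller's pointer, as the code above does with `buff = NULL`.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

struct node { int value; struct node *next; }; /* hypothetical node type */

/* Push on the front of the list; returns 0 on success, -1 on allocation failure. */
int list_push(struct node **head, int value) {
  struct node *n = malloc(sizeof *n);
  if (n == NULL) return -1;
  n->value = value;
  n->next = *head;
  *head = n;
  return 0;
}

/* Defective teardown, for contrast only and never called: the loop
 * increment reads p->next after p has been freed. */
void list_free_noncompliant(struct node *head) {
  for (struct node *p = head; p != NULL; p = p->next) {
    free(p);
  }
}

/* Corrected teardown: read the successor before freeing the node, then
 * clear the caller's pointer. Returns the number of nodes released. */
size_t list_free(struct node **head) {
  size_t freed = 0;
  struct node *p = *head;
  while (p != NULL) {
    struct node *next = p->next; /* p is still valid here */
    free(p);
    p = next;
    freed++;
  }
  *head = NULL; /* a repeated call now finds an empty list */
  return freed;
}

int main(void) {
  struct node *head = NULL;
  for (int i = 0; i < 3; i++) {
    if (list_push(&head, i) != 0) { list_free(&head); return EXIT_FAILURE; }
  }
  printf("freed %zu nodes\n", list_free(&head));
  printf("second call freed %zu nodes\n", list_free(&head));
  return EXIT_SUCCESS;
}
```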
...