Comment: cleaned up the text some more

...

This example places no upper bound on the memory space required. As a result, the program can easily exhaust the heap.

...

#include <stdio.h>
#include <string.h>
#include <stdlib.h>

enum {MAX_LENGTH=100};

typedef struct namelist_s {
  char name[MAX_LENGTH];
  struct namelist_s* next;
} *namelist_t;

int main(void) {
  namelist_t names = NULL;
  char new_name[MAX_LENGTH];

  do {
    /* Adding an unknown number of records to a list.
       The user can enter as much data as desired and exhaust the heap. */
    puts("To quit, enter \"quit\"");
    puts("Enter record:");
    if (fgets(new_name, MAX_LENGTH, stdin) == NULL) {
      break;  /* end of input or read error */
    }
    /* Strip the trailing newline before comparing against "quit" */
    new_name[strcspn(new_name, "\n")] = '\0';
    if (strcmp(new_name, "quit") != 0) {
      /* Names continue to be added with no limit on total heap use */
      namelist_t new_entry = (namelist_t) malloc(sizeof(struct namelist_s));
      if (new_entry == NULL) {
        /* handle error */
        return EXIT_FAILURE;
      }
      strcpy(new_entry->name, new_name);
      new_entry->next = names;
      names = new_entry;
    }
    puts(new_name);
  } while (strcmp(new_name, "quit") != 0);

  return 0;
}

...

If the objects or data structures are large enough to potentially cause heap exhaustion, the programmer should consider using databases instead, to ensure that records are written to the disk in a timely fashion and that the data structure does not outgrow the heap.

In the previous noncompliant code example, the user can reuse a single long variable to store the input and write that value into a simple database containing a table User with a field userID along with any other required fields. This prevents the heap from being exhausted.
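The approach described above, sketched as an added example that is not part of the original page: each record is read into one fixed buffer and written out immediately, so heap use stays constant however much input arrives. The function name `store_records`, the file name `users.txt`, the record limit, and the use of a flat file in place of the database table are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

enum { MAX_LENGTH = 100 };

/* Hypothetical helper: copies records from `in` to `out` (a flat file
   standing in for the database table) until "quit", end of input, or
   max_records is reached. It uses one fixed buffer, so heap use does not
   grow with the amount of input. Returns the number of records stored,
   or -1 on a write error. */
long store_records(FILE *in, FILE *out, long max_records) {
  char record[MAX_LENGTH];                 /* single reusable buffer */
  long stored = 0;

  while (stored < max_records && fgets(record, sizeof record, in) != NULL) {
    size_t len = strcspn(record, "\n");
    if (record[len] != '\n' && !feof(in)) {
      /* Over-long line: discard the rest so it is not read as new records */
      int c;
      while ((c = fgetc(in)) != '\n' && c != EOF) { }
    }
    record[len] = '\0';
    if (strcmp(record, "quit") == 0) break;
    if (len == 0) continue;                /* skip empty lines */
    if (fprintf(out, "%s\n", record) < 0) return -1;
    if (fflush(out) != 0) return -1;       /* write the record out promptly */
    stored++;
  }
  return stored;
}

int main(void) {
  FILE *db = fopen("users.txt", "a");      /* constructed file name */
  if (db == NULL) { perror("fopen"); return 1; }
  puts("Enter records, \"quit\" to stop:");
  long n = store_records(stdin, db, 1000); /* constructed upper bound */
  fclose(db);
  if (n < 0) { fputs("write error\n", stderr); return 1; }
  printf("%ld record(s) stored\n", n);
  return 0;
}
```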

Risk Assessment

It is difficult to pinpoint violations of this recommendation because static analysis tools are currently unable to identify code that can lead to heap exhaustion. The heap size will also vary for different runtime environments.

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|------|----------|------------|------------------|----------|-------|
| MEM11-C | low | probable | high | P2 | L3 |

...