SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 111

changes.mady.by.user David Svoboda

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Avoid excessive stack allocations, particularly in situations where the growth of the stack can be controlled or influenced by an attacker. See INT04-C. Enforce limits on integer values originating from tainted sources for more information on preventing attacker-controlled integers from exhausting memory.

Noncompliant Code Example

...

Polyspace Bug Finder

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

IO.TAINT.SIZE

MISC.MEM.SIZE.BAD

Tainted Allocation Size

Unreasonable Size Argument

Coverity

Include Page
Coverity_V
Coverity_V

STACK_USE

Can help detect single stack allocations that are dangerously large, although it will not detect excessive stack use resulting from recursion

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C1051, C1520, C3670
Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.FUNC.RECUR
LDRA tool suite
Include Page
LDRA_V
LDRA_V
44 SEnhanced Enforcement
Parasoft C/C++test

Include Page
Polyspace Bug FinderParasoft_VPolyspace Bug Finder_V

Tainted size of variable length array

Variable length array with nonpositive size

MISRA C:2012 Rule 17.2

Size of the variable-length array (VLA) is from an unsecure source and may be zero, negative, or too large

Size of variable-length array is zero or negative

Functions shall not call themselves, either directly or indirectly

PRQA QA-C
Include Page
PRQA QA-C_vPRQA QA-C_v

Parasoft_V

CERT_C-MEM05-a
CERT_C-MEM05-b

Do not use recursion
Ensure the size of the variable length array is in valid range

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

9035, 9070

Partially supported: reports use of variable length arrays and recursion

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. MEM05-C


Checks for:

  • Direct or indirect function call to itself
  • Variable length array with nonpositive size
  • Tainted size of variable length array

Rec. partially covered.

1520
3670

1051

Partially implemented

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V505

Related Vulnerabilities

Stack overflow has been implicated in Toyota unintended acceleration cases, where Camry and other Toyota vehicles accelerated unexpectedly.  Michael Barr testified at the trial that a stack overflow could corrupt the critical variables of the operating system, because they were located in memory adjacent to the top of the stack [Samek 2014].

...

[Loosemore 2007]Section 3.2.5, "Automatic Storage with Variable Size"
[Samek 2014]

Are We Shooting Ourselves in the Foot with Stack Overflow?

Monday, February 17th, 2014 by Miro Samek

[Seacord 2013]Chapter 4, "Dynamic Memory Management"[van Sprundel 2006]"Stack Overflow"


...