...
Do not create an unrelated smart pointer object with a pointer value is that owned is owned by another smart pointer object. This includes resetting a smart pointer's managed pointer to an already-owned pointer value, such as by calling reset()
.
...
Passing a pointer value to a deallocation function that was not previously obtained by the matching allocation function results in undefined behavior, which can lead to exploitable vulnerabilities.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
MEM56-CPP | High | Likely | Medium | P18 | L1 |
Automated Detection
Tool | Version | Checker | Description |
---|
Astrée |
| dangling_pointer_use | |||||||
Axivion Bauhaus Suite |
| CertC++-MEM56 | |||||||
Helix QAC |
| DF4721, DF4722, DF4723 | |||||||
Parasoft C/C++test |
| CERT_CPP-MEM56-a | Do not store an already-owned pointer value in an unrelated smart pointer | ||||||
Polyspace Bug Finder |
| CERT C++: MEM56-CPP | Checks for use of already-owned pointers (rule fully covered) | ||||||
|
Related Vulnerabilities
Search for other vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
SEI CERT C++ Coding Standard | MEM50-CPP. Do not access freed memory MEM51-CPP. Properly deallocate dynamically allocated resources |
MITRE CWE | CWE-415, Double Free |
Bibliography
[ISO/IEC 14882-2014] | Subclause 20.8, "Smart Pointers" |
...
...