SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 15

changes.mady.by.user Sandy Shrum

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Passing a pointer value to a deallocation function that was not previously obtained by the matching allocation function results in undefined behavior, which can lead to exploitable vulnerabilities.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MEM56-CPP

High

Likely

Medium

P18

L1

Automated Detection

Tool

Version

Checker

Description

 

 

 

Astrée

Include Page
Astrée_V
Astrée_V

dangling_pointer_use

Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC++-MEM56
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

DF4721, DF4722, DF4723


Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_CPP-MEM56-a

Do not store an already-owned pointer value in an unrelated smart pointer

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C++: MEM56-CPPChecks for use of already-owned pointers (rule fully covered)

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V1006

 


Related Vulnerabilities

Search for other vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardMEM50-CPP. Do not access freed memory
MEM51-CPP. Properly deallocate dynamically allocated resources
MITRE CWE

CWE-415, Double Free
CWE-416, Use After Free
CWE 762, Mismatched Memory Management Routines 

Bibliography

[ISO/IEC 14882-2014]Subclause 20.8, "Smart Pointers"

...


...

 Image Modified