SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 95

changes.mady.by.user Will Snavely

Saved on

compared with

New Version Current

changes.mady.by.user Anirban Gangopadhyay

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Unsigned integer wrapping in memory allocation functions can lead to buffer overflows that can be exploited by an attacker to execute arbitrary code with the permissions of the vulnerable process. Most implementations of calloc() now check to make sure silent wrapping does not occur, but it is not always safe to assume the version of calloc() being used is secure, particularly when using dynamically linked libraries.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

MEM07-C

High

Unlikely

Medium

P6

L2

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
 

Supported, but no explicit checker
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
ALLOC.SIZE.MULOFLOWMultiplication overflow of allocation size
Compass/ROSE

 

 

 

Polyspace Bug FinderR2016aMemory allocation with tainted sizeSize argument to memory function is from an unsecure source




Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-MEM07-a

The validity of values passed to library functions shall be checked

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID MEM07-CPP. Ensure that the arguments to calloc(), when multiplied, can be represented as a size_t
MITRE CWECWE-190, Integer overflow (wrap or wraparound)
CWE-128, Wrap-around error

Bibliography

[RUS-CERT]Advisory 2002-08:02, "Flaw in calloc and Similar Routines"
[Seacord 2013]Chapter 4, "Dynamic Memory Management"
[Secunia]Advisory SA10635, "HP-UX calloc Buffer Size Miscalculation Vulnerability"

...


...