...
```c
#include <stdlib.h>
#include <string.h>

void func(void) {
  size_t resize = 1024;
  size_t alignment = 1 << 12;
  int *ptr;
  int *ptr1;

  /* Original object, allocated with the stricter alignment */
  if (NULL == (ptr = (int *)aligned_alloc(alignment,
                                          sizeof(int)))) {
    /* Handle error */
  }

  /* Larger block with the same alignment, used instead of realloc() */
  if (NULL == (ptr1 = (int *)aligned_alloc(alignment,
                                           resize))) {
    /* Handle error */
  }

  /* Copy the old contents into the new block */
  if (NULL == (memcpy(ptr1, ptr, sizeof(int)))) {
    /* Handle error */
  }

  free(ptr);
}
```
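
The same pattern as a reusable helper, generalized beyond the single `int` copied above. This is an added example, not code from the CERT page: `aligned_resize`, `round_up` and `is_aligned` are hypothetical names, and the size is padded because C11 requires the `aligned_alloc()` size to be a multiple of the alignment.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Round n up to a multiple of align (a power of two).
 * Returns 0 on overflow or when n is 0. */
static size_t round_up(size_t n, size_t align) {
  if (n > SIZE_MAX - (align - 1)) { return 0; }
  return (n + align - 1) & ~(align - 1);
}

/* Hypothetical helper: resize an over-aligned block without realloc().
 * On failure returns NULL and leaves old untouched, as realloc() does. */
void *aligned_resize(void *old, size_t old_size, size_t new_size,
                     size_t alignment) {
  /* aligned_alloc() needs a power-of-two alignment. */
  if (alignment == 0 || (alignment & (alignment - 1)) != 0) { return NULL; }
  /* C11: the requested size must be a multiple of the alignment. */
  size_t padded = round_up(new_size, alignment);
  if (padded == 0) { return NULL; }
  void *fresh = aligned_alloc(alignment, padded);
  if (fresh == NULL) { return NULL; }
  if (old != NULL) {
    /* Copy only what fits when shrinking. */
    memcpy(fresh, old, old_size < new_size ? old_size : new_size);
    free(old);
  }
  return fresh;
}

/* 1 if p sits on an alignment boundary (power of two), else 0. */
int is_aligned(const void *p, size_t alignment) {
  return ((uintptr_t)p & (alignment - 1)) == 0;
}

int main(void) {
  size_t alignment = (size_t)1 << 12;
  int *small = aligned_resize(NULL, 0, sizeof(int), alignment);
  if (small == NULL) { return EXIT_FAILURE; }
  *small = 42;
  /* Keep the old pointer until the resize is known to have succeeded. */
  int *big = aligned_resize(small, sizeof(int), 1024, alignment);
  if (big == NULL) { free(small); return EXIT_FAILURE; }
  int ok = is_aligned(big, alignment) && *big == 42;
  free(big);
  return ok ? EXIT_SUCCESS : EXIT_FAILURE;
}
```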
...
Improper alignment can lead to arbitrary memory locations being accessed and written to.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
MEM36-C | Low | Probable | High | P2 | L3 |
Automated Detection

| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | | Supported, but no explicit checker |
| Axivion Bauhaus Suite | | CertC-MEM36 | Fully implemented |
| CodeSonar | | BADFUNC.REALLOC | Use of realloc |
| Cppcheck Premium | | premium-cert-mem36-c | Fully implemented |
| Helix QAC | | C5027, C++5034 | |
| Klocwork | | AUTOSAR.STDLIB.MEMORY | |
| LDRA tool suite | | 44 S | Enhanced enforcement |
| Parasoft C/C++test | | CERT_C-MEM36-a | Do not modify the alignment of objects by calling realloc() |
| | | CERT C: Rule MEM36-C | Checks for alignment change after memory allocation (rule fully covered) |

Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...