MEM31-C. Free dynamically allocated memory when no longer needed

Before the lifetime of the last pointer object that stores the return value of a call to a standard memory allocation function has ended, it must be matched by a call to a standard memory deallocation function with that pointer value.

Noncompliant Code Example

In this noncompliant example, the object allocated by the call to malloc() is not freed before the end of the lifetime of last pointer object (text_buffer) referring to the object.

#include <stdlib.h>
 
const size_t BUFFER_SIZE = 32;

int f(void) {
  char *text_buffer = (char *)malloc(BUFFER_SIZE); 
  if (text_buffer == NULL) {
    return -1;
  }
  return 0;
}

Compliant Solution (free())

In this compliant solution, the pointer is deallocated with a call to free(). 

#include <stdlib.h>

const size_t BUFFER_SIZE = 32;

int f(void) {
  char *text_buffer = (char *)malloc(BUFFER_SIZE); 
  if (text_buffer == NULL) {
    return -1;
  }
 
  free(text_buffer);
  return 0;
}

Compliant Solution (static storage duration)

In this compliant solution, the pointer object that stores the return value from malloc() is stored in a variable of static storage duration.

#include <stdlib.h>
 
const size_t BUFFER_SIZE = 32;

int f(void) {
  static char *text_buffer = (char *)malloc(BUFFER_SIZE); 
  if (text_buffer == NULL) {
    return -1;
  }
  return 0;
}

Risk Assessment

Failing to free memory can result in the exhaustion of system memory resources, which can lead to a denial-of-service attack.

Automated Detection

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography