Dangling pointers can lead to exploitable double-free and access-freed-memory vulnerabilities. A simple yet effective way to eliminate dangling pointers and avoid many memory-related vulnerabilities is to set pointers to NULL after they are freed or to set them to another valid object.
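The double-free hazard and the NULL-store fix described above, as an added C example that is not part of the original guideline. `FREE_AND_NULL`, `struct message`, `message_clear`, `message_is_live` and `process` are hypothetical names, and the oversized-input scenario is constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from the guideline): free the object and clear
 * the caller's pointer in one step, so no stale address is left behind. */
#define FREE_AND_NULL(p) do { free(p); (p) = NULL; } while (0)

struct message {
    char  *body;  /* heap buffer owned by the message */
    size_t len;
};

/* Releases the body. Safe to call repeatedly: after the first call body is
 * NULL, and free(NULL) is defined to do nothing. */
void message_clear(struct message *m) {
    FREE_AND_NULL(m->body);
    m->len = 0;
}

/* A NULL check can only reveal a released buffer if the pointer was
 * cleared at the point of the free. */
int message_is_live(const struct message *m) {
    return m->body != NULL;
}

/* Constructed scenario: an error branch releases the buffer early and the
 * common cleanup path releases it again. Returns 0 on success, -1 if the
 * input is rejected or allocation fails. */
int process(const char *input, size_t max_len) {
    struct message m = { NULL, 0 };
    int rc = 0;

    m.len = strlen(input);
    m.body = malloc(m.len + 1);
    if (m.body == NULL)
        return -1;
    memcpy(m.body, input, m.len + 1);  /* includes the terminating NUL */

    if (m.len > max_len) {
        message_clear(&m);  /* early release on the error branch */
        rc = -1;
    }
    /* With a bare free(m.body) in both places, this second release would
     * be a double free whenever rc == -1. */
    message_clear(&m);
    return rc;
}
```

Clearing one pointer does not clear other copies of the same address; every alias must be reset or allowed to go out of scope as well.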
...
| Tool | Version | Checker | Description |
|---|---|---|---|
| Compass/ROSE | | | |
| | | USE_AFTER_FREE | Can detect the specific instances where memory is deallocated more than once or read/written to the target of a freed pointer. |
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...
...
| Dangling references to stack frames |
...
| [DCM] Dangling reference to heap |
...
| [XYK] Off-by-one error |
...
| [XZH] |
| MITRE CWE |
...
...
| Use after free |
...
...
...
| Double free |
...
Bibliography
| [Seacord 2005a] | Chapter 4, "Dynamic Memory Management" |
| [Plakosh 2005] |
...