...

This example checks the value of {{cBlocks}} to make sure the subsequent multiplication operation cannot result in an integer overflow. The code also ensures that {{cBlocks}} is not equal to zero (see \[[MEM04-A. Do not perform zero length allocations]\]).
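The check described above, written out as an added example (not code from the original page). The names `checked_alloc_size`, `alloc_blocks` and the 16-byte `BLOCK_SIZE` are assumptions made for illustration; only `cBlocks` comes from the text.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* BLOCK_SIZE is an assumed per-block size for this example. */
#define BLOCK_SIZE ((size_t)16)

/* Returns 1 and stores cBlocks * block_size in *out only when the request
 * is non-zero and the product fits in size_t; returns 0 otherwise. */
int checked_alloc_size(size_t cBlocks, size_t block_size, size_t *out)
{
    if (cBlocks == 0 || block_size == 0) {
        return 0;               /* zero-length allocation (MEM04-A) */
    }
    if (cBlocks > SIZE_MAX / block_size) {
        return 0;               /* cBlocks * block_size would wrap */
    }
    *out = cBlocks * block_size;
    return 1;
}

/* Allocates cBlocks blocks, or returns NULL if the size is invalid. */
void *alloc_blocks(size_t cBlocks)
{
    size_t total;
    if (!checked_alloc_size(cBlocks, BLOCK_SIZE, &total)) {
        return NULL;
    }
    return malloc(total);
}

int main(void)
{
    /* Constructed input: smallest count whose product with 16 wraps. */
    size_t hostile = SIZE_MAX / BLOCK_SIZE + 1;
    /* Unsigned arithmetic wraps silently: the unchecked product is 0 here. */
    printf("unchecked product: %zu\n", hostile * BLOCK_SIZE);
    printf("alloc_blocks(hostile) -> %p\n", alloc_blocks(hostile));
    void *p = alloc_blocks(4);
    printf("alloc_blocks(4) -> %s\n", p ? "ok" : "NULL");
    free(p);
    return 0;
}
```

The comparison divides `SIZE_MAX` by the block size rather than multiplying first, because the multiplication is the operation that wraps.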

Non-Compliant Code Example (range checking)

...

The code also ensures that {{len}} is not equal to zero (see \[[MEM04-A. Do not perform zero length allocations]\]).

Risk Assessment

Providing invalid size arguments to memory allocation functions can lead to buffer overflows and the execution of arbitrary code with the permissions of the vulnerable process.

...