...
Non-compliant Example
In this example, input_stringstr is copied into dynamically allocated memory referenced by str. If malloc() }} fails, it returns an invalid (null) pointer that is assigned to {{str. When str is dereferenced in strcpy(), the program behave in an unpredictable manner.
| Code Block |
|---|
... char *str = malloc(size_of_input_str); strcpy(str, input); ... |
Compliant Solution
To correct this error, ensure the pointer returned by malloc() is not invalid (null). In addition to this rule, this should be done in accordance with rule MEM32-C. Detect and handle critical memory allocation errors.
| Code Block |
|---|
char *str = malloc(strlen(size_of_input_stringstr)+1); if (str == NULL) { /* Handle Allocation Error */ } strcpy(str, input_stringstr); |
Priority and Level
Dereferencing null pointers typically results in a denial of service condition.
...