...
The specific characteristics of these routines are based on the compiler used. With a few exceptions, this document considers only the general and compiler-independent attributes of these routines.
Recommendations
MEM00-A. Allocate and free memory in the same module, at the same level of abstraction
...
MEM06-A. Do not use user-defined functions as parameters to allocation routines
Rules
MEM30-C. Do not access freed memory
...
MEM38-C. Use Flexible Array Members for dynamically sized structures
Risk Assessment Summary
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MEM00-A | 3 (high) | 2 (probable) | 1 (high) | P6 | L2 |
MEM01-A | 3 (high) | 2 (probable) | 3 (low) | P18 | L1 |
MEM02-A | 1 (low) | 1 (unlikely) | 3 (low) | P3 | L3 |
MEM03-A | 2 (medium) | 1 (unlikely) | 3 (low) | P6 | L2 |
MEM04-A | 3 (high) | 2 (probable) | 2 (medium) | P12 | L1 |
MEM05-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
MEM06-A | 3 (high) | 2 (probable) | 2 (medium) | P12 | L1 |
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MEM30-C | 3 (high) | 3 (likely) | 2 (medium) | P18 | L1 |
MEM31-C | 3 (high) | 2 (probable) | 1 (high) | P6 | L2 |
MEM32-C | 1 (high) | 3 (likely) | 2 (high) | P6 | L1 |
MEM33-C | 2 (medium) | 1 (unlikely) | 3 (low) | P6 | L2 |
MEM34-C | 1 (high) | 3 (likely) | 2 (high) | P6 | L1 |
MEM35-C | 3 (high) | 2 (probable) | 1 (high) | P6 | L2 |
MEM37-C | 3 (high) | 1 (low) | 1 (high) | P12 | L1 |
MEM38-C | 1 (low) | 1 (unlikely) | 3 (low) | P3 | L3 |
References
| Wiki Markup |
|---|
\[[ISO/IEC 9899-1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.20.3, "Memory management functions" \[[Seacord 05|AA. C References#Seacord 05]\] Chapter 4, "Dynamic Memory Management" |