SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 12

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 13

changes.mady.by.user Will Snavely

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Reverted from v. 11

...

Code Block
bgColor#FFCCCC
langc
LPTSTR buf;
DWORD n = FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
                        FORMAT_MESSAGE_FROM_SYSTEM |
                        FORMAT_MESSAGE_IGNORE_INSERTS, 0, GetLastError(),
                        LANG_USER_DEFAULT, (LPTSTR)&buf, 1024, 0);
if (n != 0) {
  /* Format and display the error to the user */

  GlobalFree(buf);
}

Compliant Solution

The compliant solution uses the proper deallocation function as described by the documentation.

Code Block
bgColor#ccccff
langc
LPTSTR buf;
DWORD n = FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER |
                        FORMAT_MESSAGE_FROM_SYSTEM |
                        FORMAT_MESSAGE_IGNORE_INSERTS, 0, GetLastError(),
                        LANG_USER_DEFAULT, (LPTSTR)&buf, 1024, 0);
if (n != 0) {
  /* Format and display the error to the user */

  LocalFree(buf);
}

Risk Assessment

Mixing allocation and deallocation functions can lead to memory corruption issues, or result in accessing out-of-bounds memory.

...

SEI CERT C++ Coding StandardVOID MEM39-CPP. Resources allocated by memory allocation functions must be released using the corresponding memory deallocation function

 

...

Image Modified