...

Compass/ROSE could detect violations of this rule by examining the size expression passed to malloc() or memcpy(). Specifically, the size argument should be bounded by 0 and SIZE_MAX, and, unless it is a variable of type size_t or rsize_t, it should be bounds-checked before the malloc() call. If the argument is an expression of the form a*b, then an appropriate check is:

Code Block
  if (a < SIZE_MAX / b && a > 0) ...
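
The following is an added example, not code from the original page or from Compass/ROSE, showing the a*b check applied before malloc(). The helper names checked_size_mul, alloc_array and page_check are hypothetical, and the b != 0 guard is an assumption added so that the division in the check is always defined.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: stores a*b in *out and returns 1 when the product is
 * nonzero and representable in size_t; returns 0 otherwise. */
static int checked_size_mul(size_t a, size_t b, size_t *out) {
    if (a == 0 || b == 0) {
        return 0;                 /* zero-size request; also avoids dividing by 0 */
    }
    if (a > SIZE_MAX / b) {
        return 0;                 /* a*b would wrap around */
    }
    *out = a * b;
    return 1;
}

/* Hypothetical wrapper: allocate count elements of elem_size bytes each. */
static void *alloc_array(size_t count, size_t elem_size) {
    size_t total;
    if (!checked_size_mul(count, elem_size, &total)) {
        return NULL;              /* refuse instead of allocating a short buffer */
    }
    return malloc(total);
}

/* The check shown above, with a b != 0 guard added (assumption). */
static int page_check(size_t a, size_t b) {
    return b != 0 && a < SIZE_MAX / b && a > 0;
}

int main(void) {
    size_t huge = SIZE_MAX / 4 + 2;   /* constructed input: huge * 4 wraps to 4 */
    size_t edge = SIZE_MAX / 4;       /* constructed input: edge * 4 still fits */
    size_t total;

    printf("unchecked huge * 4 = %zu\n", huge * 4);
    printf("alloc_array(huge, 4): %s\n",
           alloc_array(huge, 4) == NULL ? "rejected" : "allocated");
    /* The strict '<' rejects the largest product that still fits. */
    printf("edge: page_check=%d checked_size_mul=%d\n",
           page_check(edge, 4), checked_size_mul(edge, 4, &total));

    void *p = alloc_array(16, 4);
    printf("alloc_array(16, 4): %s\n", p != NULL ? "allocated" : "rejected");
    free(p);
    return 0;
}
```

The strict comparison in the check above is conservative: it rejects a == SIZE_MAX / b even though that product does not wrap.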

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[Coverity 07]
[ISO/IEC 9899:1999] Section 7.20.3, "Memory Management Functions"
[ISO/IEC PDTR 24772] "XYB Buffer Overflow in Heap"
[MITRE 07] CWE ID 190 (http://cwe.mitre.org/data/definitions/190.html), "Integer Overflow (Wrap or Wraparound)," CWE ID 131 (http://cwe.mitre.org/data/definitions/131.html), "Incorrect Calculation of Buffer Size"
[Seacord 05] Chapter 4, "Dynamic Memory Management," and Chapter 5, "Integer Security"

...
