Dangling pointers can lead to exploitable double-free and access-freed-memory vulnerabilities. A simple yet effective way to eliminate dangling pointers and avoid many memory-related vulnerabilities is to set pointers to NULL after they are freed or to set them to another valid object.
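The pattern described above, as an added example that is not part of the original page: a hypothetical `struct session` whose cleanup can run more than once. The names `free_and_clear`, `session_init`, `session_destroy`, `session_token_len` and `demo`, and the sample strings, are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical session object, constructed for this example. */
struct session { char *user; char *token; };

/* Free *pp, then store NULL in it: a later free() becomes a defined no-op
 * and a later use can be caught with a NULL check. Only this one pointer
 * is cleared; any copies of it held elsewhere still dangle. */
static void free_and_clear(char **pp) {
    if (pp != NULL) { free(*pp); *pp = NULL; }
}

static char *dup_string(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p != NULL) memcpy(p, s, n);
    return p;
}

/* Safe to call any number of times, including after a partial init. */
void session_destroy(struct session *s) {
    free_and_clear(&s->user);
    free_and_clear(&s->token);
}

/* Returns 0 on success, -1 on allocation failure (both members left NULL). */
int session_init(struct session *s, const char *user, const char *token) {
    s->user = dup_string(user);
    s->token = dup_string(token);
    if (s->user == NULL || s->token == NULL) { session_destroy(s); return -1; }
    return 0;
}

/* Returns the token length, or -1 if the token has already been released. */
int session_token_len(const struct session *s) {
    return s->token != NULL ? (int)strlen(s->token) : -1;
}

/* Early release followed by generic cleanup; returns 0 if every step was safe. */
int demo(void) {
    struct session s;
    if (session_init(&s, "alice", "constructed-token") != 0) return -1;
    free_and_clear(&s.token);         /* early release on one code path */
    int len = session_token_len(&s);  /* NULL check instead of a freed read */
    session_destroy(&s);              /* token is NULL here: free(NULL) */
    session_destroy(&s);              /* repeated cleanup is harmless */
    return (len == -1 && s.user == NULL && s.token == NULL) ? 0 : 1;
}

int main(void) { printf("demo: %d\n", demo()); return 0; }
```

Without the `*pp = NULL` store, the first `session_destroy` call after the early release would free `token` a second time.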
...
| Tool | Version | Checker | Description |
|---|---|---|---|
| Compass/ROSE | | | |
| | | USE_AFTER_FREE | Can detect the specific instances where memory is deallocated more than once or read/written to the target of a freed pointer. |
...
ISO/IEC 9899:2011 Section 7.22.3.2, "The free function"
ISO/IEC TR 24772 "DCM Dangling references to stack frames," "XYK Dangling reference to heap," and "XZH Off-by-one error"
...
MITRE CWE: CWE-415, "Double free"
Bibliography
[Seacord 2005a] Chapter 4, "Dynamic Memory Management"
[Plakosh 2005]
...