Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Old Version 119

changes.mady.by.user Robert Seacord

Saved on May 14, 2008

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on Aug 06, 2025

Key

This line was added.
This line was removed.
Formatting was changed.

Content by Label

showLabels	false
max	99
spaces	com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@3bbaf8c
showSpace	false
sort	title
cql	label = "mem" and label = "rule" and label != "void" and space = currentSpace()
labels	+mem,+rule,-void

Info
Information for Editors In order to have a new guideline automatically listed above be sure to label it mem and rule.

Risk Assessment Summary

Rule	Severity	Likelihood	Detectable	Repairable	Priority	Level
MEM30-C	High	Likely	No	No	P9	L2
MEM31-C	Medium	Probable	No	No	P4	L3
MEM33-C	Low	Unlikely	Yes	No	P2	L3
MEM34-C	High	Likely	No	No	P9	L2
MEM35

Recommendations

MEM00-A. Allocate and free memory in the same module, at the same level of abstraction

MEM01-A. Store a new value in pointers immediately after free()

MEM02-A. Immediately cast the result of a memory allocation function call into a pointer to the allocated type

MEM03-A. Clear sensitive information stored in reusable resources returned for reuse

MEM04-A. Do not perform zero length allocations

MEM05-A. Avoid large stack allocations

MEM06-A. Ensure that sensitive data is not written out to disk

MEM07-A. Ensure that the arguments to calloc() when multiplied can be represented as a size_t

MEM08-A. Use realloc() only to resize dynamically allocated arrays

MEM09-A. Do not assume memory allocation routines initialize memory

Rules

MEM30-C. Do not access freed memory

MEM31-C. Free dynamically allocated memory exactly once

MEM32-C. Detect and handle memory allocation errors

MEM33-C. Use the correct syntax for flexible array members

MEM34-C. Only free memory allocated dynamically

MEM35-C. Allocate sufficient memory for an object

Risk Assessment Summary

Recommendation	Severity	Likelihood	Remediation Cost	Priority	Level
MEM00-A	High	Probable	Medium	P12	L1
MEM01-A	High	Probable	Low	P18	L1
MEM02-A	Low	Unlikely	Low	P3	L3
MEM03-A	Medium	Unlikely	Low	P6	L2
MEM04-A	High	Probable	Medium	P12	L1
MEM05-A	Low	Unlikely	Medium	P2	L3
MEM06-A	1 (low)	1 (unlikely)	2 (medium)	P2	L3
MEM07-A	High	Unlikely	High	P3	L3
MEM08-A	Medium	Unlikely	Medium	P4	L3
MEM09-A	Medium	Unlikely	Low	P6	L2

Rule	Severity	Likelihood	Remediation Cost	Priority	Level
MEM30-C	High	Likely	Medium	P18	L1
MEM31-C	High	Probable	Medium No	P12	L1	MEM32-C	Low	Likely	Medium	No	P6	L2 MEM33
MEM36-C	Low	Unlikely Probable	Low	P3	L3	No	No	MEM34-C	Low	Unlikely	Medium	P2	L3	MEM35-C	High	Probable	High	P6	L2

Related Rules and Recommendations

Navigation Map

	memory-management
	memory-management
cellWidth	700
wrapAfter	1
cellHeight	15

...

STR35-C. Do not copy data from an unbounded source to a fixed-length array 07. Characters and Strings (STR) MEM00-A. Allocate and free memory in the same module, at the same level of abstractionImage Added Image Added Image Added