...
Porting code with hard-coded sizes can result in a buffer overflow or related vulnerability.
Recommendation | Severity | Likelihood |
|---|
Detectable | Repairable | Priority | Level |
|---|---|---|---|
EXP09-C | High | Unlikely |
No | Yes | P6 | L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| alloc-without-sizeof | Partially checked | ||||||
| Compass/ROSE |
Can detect violations of this recommendation. In particular, it looks for the size argument of | |||||||||
| ECLAIR |
| CC2.EXP09 | Can detect violations of this recommendation. In particular, it considers when the size of a type is used by malloc(), calloc() or realloc() and flags these functions if either the size argument does not use a sizeof operator, or the size argument uses sizeof, but the type of the returned value is not a pointer to the type of the argument to sizeof. It does not flag if the returned value is assigned to a char * | ||||||
| Helix QAC |
| C0701 | |||||||
| LDRA tool suite |
| 201 S | Partially implemented | ||||||
| CERT C: Rec. EXP09-C | Checks for hard-coded object size used to manipulate memory (rec. fully covered) | |||||||
| RuleChecker |
| alloc-without-sizeof | Partially checked | ||||||
| Security Reviewer - Static Reviewer |
| C38 C39 C40 C42 C44 C45 C46 C46 | Fully implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| SEI CERT C++ Coding Standard | VOID EXP09-CPP. Use sizeof to determine the size of a type or variable |
| MITRE CWE | CWE-805, Buffer access with incorrect length value |
...
...