SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 93

changes.mady.by.user Liz Whiting

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

Code Block
bgColor#ccccff
langc
#include <stdlib.h>
#include <string.h>
 
void func(void) {
  size_t resize = 1024;
  size_t alignment = 1 << 12;
  int *ptr;
  int *ptr1;

  if (NULL == (ptr = (int *)aligned_alloc(alignment,
                                          sizeof(int)))) {
    /* Handle error */
  }

  if (NULL == (ptr1 = (int *)aligned_alloc(alignment,
                                           resize))) {
    /* Handle error */
  }
  
  if (NULL == (memcpy(ptr1, ptr, sizeof(int))) {
    /* Handle error */
  }
  
  free(ptr);
}

...

Code Block
bgColor#ccccff
langc
#include <malloc.h>

void func(void) {
  size_t alignment = 1 << 12;
  int *ptr;
  int *ptr1;

  /* Original allocation */
  if (NULL == (ptr = (int *)_aligned_malloc(sizeof(int),
                                            alignment))) {
    /* Handle error */
}

  /* Reallocation */
  if (NULL == (ptr1 = (int *)_aligned_realloc(ptr, 1024,
                                              alignment))) {
    _aligned_free(ptr);
    /* Handle error */
  }

  _aligned_free(ptr1);
}

Note that the The size and alignment arguments for _aligned_malloc() are provided in reverse order of the C Standard aligned_alloc() function.

...

Improper alignment can lead to arbitrary memory locations being accessed and written to.

Recommendation

Severity

Likelihood

Detectable

Remediation Cost

Repairable

Priority

Level

MEM36-C

Low

Probable

No

High

No

P2

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported, but no explicit checker
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-MEM36Fully implemented
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BADFUNC.REALLOC

Use of realloc

Cppcheck Premium

Include Page
Cppcheck Premium_V
Cppcheck Premium_V

premium-cert-mem36-c
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C5027

C++5034


Klocwork
Include Page
Klocwork_V
Klocwork_V

AUTOSAR.STDLIB.MEMORY


LDRA tool suite
Include Page
LDRA_V
LDRA_V
44 SEnhanced
Enforcement
enforcement
Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

CERT_C-MEM36-aDo not modify the alignment of objects by calling realloc()

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule MEM36-CChecks for alignment change after memory allocation (rule fully covered)

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Bibliography

[ISO/IEC 9899:
2011
20247.
22
24.3.1, "
The 
The aligned_alloc Function"
[MSDN]aligned_malloc()

...


...

Image Modified Image Modified Image Modified