 
| Note |
|---|
| This guideline does not apply to code that need conform only to C23. Code that must conform to older versions of the C standard should still comply with this guideline. |

The calloc() function takes two arguments: the number of elements to allocate and the storage size of those elements. Typically, calloc() implementations multiply these arguments to determine how much memory to allocate. Historically, some implementations failed to check whether the product was out of bounds, so the result silently wrapped [RUS-CERT Advisory 2002-08:02]. If the result of multiplying the number of elements to allocate and the storage size wraps, less memory is allocated than was requested. As a result, it is necessary to ensure that these arguments, when multiplied, do not wrap.
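
The check described above, as an added example that is not taken from the original page: the helper names (alloc_size_wraps, unchecked_request, checked_calloc) are hypothetical, and setting errno to ENOMEM on rejection is an assumption. It also shows how small the wrapped request becomes for a constructed element count.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Returns 1 if nmemb * size would exceed SIZE_MAX (and therefore wrap), else 0.
 * Dividing instead of multiplying keeps the test itself free of wraparound. */
static int alloc_size_wraps(size_t nmemb, size_t size) {
    return nmemb != 0 && size > SIZE_MAX / nmemb;
}

/* What an unchecked implementation would request: unsigned multiplication is
 * reduced modulo SIZE_MAX + 1, so the product can be far smaller than intended. */
static size_t unchecked_request(size_t nmemb, size_t size) {
    return nmemb * size;
}

/* Hypothetical wrapper: reject the request before calloc() is reached if the
 * product of its arguments would wrap. errno = ENOMEM is an assumption. */
void *checked_calloc(size_t nmemb, size_t size) {
    if (alloc_size_wraps(nmemb, size)) {
        errno = ENOMEM;
        return NULL;
    }
    return calloc(nmemb, size);
}

int main(void) {
    /* Constructed input: an element count such as one read from untrusted data. */
    size_t count = SIZE_MAX / sizeof(long) + 2;

    printf("requested elements:   %zu\n", count);
    printf("unchecked byte count: %zu\n", unchecked_request(count, sizeof(long)));

    long *buf = checked_calloc(count, sizeof(long));
    if (buf == NULL) {
        puts("allocation rejected: nmemb * size wraps");
        return 0;
    }
    free(buf);
    return 0;
}
```

With this input the unchecked product wraps to the size of a single element, which is why later indexing by the requested count would run past the allocation.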
...
| Recommendation | Severity | Likelihood | Detectable | Repairable | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|---|---|
| MEM07-C | High | Unlikely | No | Yes | Medium | P6 | L2 |

Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | Supported, but no explicit checker | |
| CodeSonar | | ALLOC.SIZE.MULOFLOW | Multiplication overflow of allocation size |
| Compass/ROSE | | | |
| Helix QAC | | C1601 | |
| Parasoft C/C++test | | CERT_C-MEM07-a | The validity of values passed to library functions shall be checked |
| Polyspace Bug Finder | | Memory allocation with tainted size | Size argument to memory function is from an unsecure source |

Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...