SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 66

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 67

changes.mady.by.user Michal Rozenau

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Parasoft C/C++test 10.4

...

Code Block
bgColor#ccccff
langc
#include <threads.h>
#include <stdlib.h>

/* Global key to the thread-specific storage */
tss_t key;
enum { MAX_THREADS = 3 };

/* ... Other functions are unchanged */

void destructor(void *data) {
  free(data);
}
 
int main(void) {
  thrd_t thread_id[MAX_THREADS];

  /* Create the key before creating the threads */
  if (thrd_success != tss_create(&key, destructor)) {
    /* Handle error */
  }

  /* Create threads that would store specific storage */
  for (size_t i = 0; i < MAX_THREADS; i++) {
    if (thrd_success != thrd_create(&thread_id[i], function, NULL)) {
      /* Handle error */
    }
  }

  for (size_t i = 0; i < MAX_THREADS; i++) {
    if (thrd_success != thrd_join(thread_id[i], NULL)) {
      /* Handle error */
    }
  }

  tss_delete(key);
  return 0;
}

 


Risk Assessment

Failing to free thread-specific objects results in memory leaks and could result in a denial-of-service attack.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

CON30-C

Medium

Unlikely

Medium

P4

L3

Automated Detection

ToolVersionCheckerDescription
Astrée
Include Page
Astrée_V
Astrée_V
 

Supported, but no explicit checker
Coverity
Include Page
Coverity_V
Coverity_V
ALLOC_FREE_MISMATCHPartially implemented, correct implementation is more involved
Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
BD

CERT_C-

RES

CON30-

LEAKS

a

Ensure resources are freed

Partially implemented

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website. 


...