Tool
Version
Checker
Description
ALLOC.LEAK
Leak
RESOURCE_LEAK
ALLOC_FREE_MISMATCH
Finds resource leaks from variables that go out of scope while owning a resource
50 D
Memory allocated dynamically not freed
Before the lifetime of the last pointer that stores the return value of a call to a standard memory allocation function has ended, it must be matched by a call to free() with that pointer value.
In this noncompliant example, the object allocated by the call to malloc() is not freed before the end of the lifetime of the last pointer text_buffer referring to the object:
#include <stdlib.h>
enum { BUFFER_SIZE = 32 };
int f(void) {
char *text_buffer = (char *)malloc(BUFFER_SIZE);
if (text_buffer == NULL) {
return -1;
}
return 0;
} |
In this compliant solution, the pointer is deallocated with a call to free():
#include <stdlib.h>
enum { BUFFER_SIZE = 32 };
int f(void) {
char *text_buffer = (char *)malloc(BUFFER_SIZE);
if (text_buffer == NULL) {
return -1;
}
free(text_buffer);
return 0;
}
|
MEM31-C-EX1: Allocated memory does not need to be freed if it is assigned to a pointer with static storage duration whose lifetime is the entire execution of a program. The following code example illustrates a pointer that stores the return value from malloc() in a static variable:
#include <stdlib.h>
enum { BUFFER_SIZE = 32 };
int f(void) {
static char *text_buffer = NULL;
if (text_buffer == NULL) {
text_buffer = (char *)malloc(BUFFER_SIZE);
if (text_buffer == NULL) {
return -1;
}
}
return 0;
}
|
Failing to free memory can result in the exhaustion of system memory resources, which can lead to a denial-of-service attack.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MEM31-C | Medium | Probable | Medium | P8 | L2 |
Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | Supported, but no explicit checker | ||
| CodeSonar | ALLOC.LEAK | Leak | |
| Compass/ROSE | |||
RESOURCE_LEAK ALLOC_FREE_MISMATCH | Finds resource leaks from variables that go out of scope while owning a resource | ||
| Cppcheck | | leakReturnValNotUsed | Doesn't use return value of memory allocation function |
| Klocwork | |||
| LDRA tool suite | 50 D | Partially implemented | |
| Parasoft C/C++test | 9.5 | BD-RES-LEAK | |
| Parasoft Insure++ | Detects leaks at runtime | ||
| Polyspace Bug Finder | R2016a | Memory leak | Memory allocated dynamically not freed |
| PRQA QA-C | 9.1 | 1771 | |
| PRQA QA-C++ | 4.2 | 3337, 3338 | |
| SonarQube C/C++ Plugin | S3584 | ||
| Splint |
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
|---|---|---|
| ISO/IEC TR 24772:2013 | Memory Leak [XYL] | Prior to 2018-01-12: CERT: Unspecified Relationship |
| ISO/IEC TS 17961 | Failing to close files or free dynamic memory when they are no longer needed [fileclose] | Prior to 2018-01-12: CERT: Unspecified Relationship |
| CWE 2.11 | CWE-401, Improper Release of Memory Before Removing Last Reference ("Memory Leak") | 2017-07-05: CERT: Exact |
| CWE 2.11 | CWE-404 | 2017-07-06: CERT: Rule subset of CWE |
| CWE 2.11 | CWE-459 | 2017-07-06: CERT: Rule subset of CWE |
| CWE 2.11 | CWE-771 | 2017-07-06: CERT: Rule subset of CWE |
| CWE 2.11 | CWE-772 | 2017-07-06: CERT: Rule subset of CWE |
Key here for mapping notes
Intersection( FIO42-C, MEM31-C) = Ø CWE-404 = CWE-459 = CWE-771 = CWE-772
CWE-404 = Union( FIO42-C, MEM31-C list) where list =
| [ISO/IEC 9899:2011] | Subclause 7.22.3, "Memory Management Functions" |
