Recommendations
MEM00-A. Allocate and free memory in the same module, at the same level of abstraction
MEM01-A. Store a new value in pointers immediately after free()
MEM03-A. Clear sensitive information stored in reusable resources returned for reuse
MEM04-A. Do not perform zero length allocations
MEM05-A. Avoid large stack allocations
MEM06-A. Ensure that sensitive data is not written out to disk
MEM07-A. Ensure that the arguments to calloc() when multiplied can be represented as a size_t
MEM08-A. Use realloc() only to resize dynamically allocated arrays
MEM09-A. Do not assume memory allocation routines initialize memory
Rules
MEM30-C. Do not access freed memory
MEM31-C. Free dynamically allocated memory exactly once
MEM32-C. Detect and handle memory allocation errors
MEM33-C. Use the correct syntax for flexible array members
MEM34-C. Only free memory allocated dynamically
MEM35-C. Allocate sufficient memory for an object
Risk Assessment Summary
| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| MEM00-A | high | probable | medium | P12 | L1 | 
| MEM01-A | high | probable | low | P18 | L1 | 
| MEM02-A | low | unlikely | low | P3 | L3 | 
| MEM03-A | medium | unlikely | low | P6 | L2 | 
| MEM04-A | high | probable | medium | P12 | L1 | 
| MEM05-A | low | unlikely | medium | P2 | L3 | 
| MEM06-A | medium | unlikely | medium | P4 | L3 | 
| MEM07-A | high | unlikely | high | P3 | L3 | 
| MEM08-A | medium | unlikely | medium | P4 | L3 | 
| MEM09-A | medium | unlikely | low | P6 | L2 | 

| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| MEM30-C | high | likely | medium | P18 | L1 | 
| MEM31-C | high | probable | medium | P12 | L1 | 
| MEM32-C | low | likely | medium | P6 | L2 | 
| MEM33-C | low | unlikely | low | P3 | L3 | 
| MEM34-C | low | unlikely | medium | P2 | L3 | 
| MEM35-C | high | probable | high | P6 | L2 | 
Related Rules and Recommendations