CERT-ARR38-C_c
Synopsis
Guarantee that library functions do not form invalid pointers.
Enabled by default
Yes
Severity/Certainty
High/High
Full description
C library functions that make changes to arrays or objects take at least two arguments: a pointer to the array or object and an integer indicating the number of elements or bytes to be manipulated. Supplying arguments to such a function might cause the function to form a pointer that does not point into or just past the end of the object, resulting in undefined behavior.
Coding standards
- CERT ARR38-C
Guarantee that library functions do not form invalid pointers
- CWE 121
Stack-based Buffer Overflow
- CWE 119
Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE 125
Out-of-bounds Read
- CWE 123
Write-what-where Condition
- CWE 805
Buffer Access with Incorrect Length Value
- CWE 129
Improper Validation of Array Index
Code examples
The following code example fails the check and will give a warning:
#include <stdlib.h>
#include <string.h>
void f1(size_t nchars) {
char *p = (char *)malloc(nchars);
/* ... */
const size_t n = nchars + 1;
/* ... */
memset(p, 0, n);
}
The following code example passes the check and will not give a warning about this issue:
#include <stdlib.h>
#include <string.h>
void f1(size_t nchars) {
char *p = (char *)malloc(nchars);
/* ... */
const size_t n = nchars;
/* ... */
memset(p, 0, n);
}