You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Attempting to dereference an invalid pointer results in undefined program behavior, typically abnormal program termination. Given this, invalid pointers should not be dereferenced.

Non-compliant Example

In this example, input_string is copied into dynamically allocated memory referenced by str. If malloc() }} fails, it returns an invalid (null) pointer that is assigned to {{str. When str is dereferenced in strcpy(), the program behave in an unpredictable manner.

...
char *str = malloc(size_of_input);
strcpy(str, input); 
...

Compliant Solution

To correct this error, ensure the pointer returned by malloc() is not invalid (null). In addition to this rule, this should be done in accordance with rule MEM32-C. Detect and handle critical memory allocation errors.

char *str = malloc(strlen(input_string)+1);
if (str == NULL) {
  /* Handle Allocation Error */
}
strcpy(str, input_string);

Priority and Level

Dereferencing null pointers typically results in a denial of service condition.

Component

Value

Severity

 

Likelihood

 

Remediation cost

 

Priority

 

Level

 

References

  • No labels