Unchecked return value of malloc/calloc/realloc

ID

c.memory_management.unchecked_ret_malloc_calloc_realloc

Severity

low

Resource

Memory Management

Language

C / C++

Description

The software does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

Rationale

malloc, calloc and realloc return NULL when the request cannot be satisfied. If the caller never compares the result against NULL, the program cannot detect that state: the next write or read through the pointer dereferences NULL and crashes the process (a denial-of-service condition), or, when the result of realloc is assigned straight back to the original pointer, the only reference to the old block is overwritten and that block leaks.

The following code illustrates a vulnerable pattern detected by this rule:

#include <stdlib.h>

#define MEMSIZE 1024   /* assumed size; the page does not define MEMSIZE */

void alloc_memory()
{
	// VULNERABLE: Unchecked return value of malloc/calloc/realloc
	// ptr may be NULL here; nothing detects or reports that state
	char *ptr = (char *)malloc(MEMSIZE);
}

Remediation

Compare the return value of malloc, calloc and realloc against NULL before the pointer is used, and handle the failure explicitly (return an error to the caller, log it, or abort) instead of dereferencing the result. For realloc, store the result in a temporary and only overwrite the original pointer after the NULL check, so that the original block is neither lost nor leaked when the call fails.
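The hardened counterpart of the vulnerable pattern above, as an added example that is not part of the original rule page: every allocation result is checked before use, failures are reported to the caller as a return code, and realloc grows through a temporary so the original buffer survives a failed call. The function names (alloc_checked, grow_checked, demo) and the sizes passed in main are this example's own choices; a request of SIZE_MAX bytes is used only because it is guaranteed to fail and therefore exercises the error path.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

/* Hardened replacement for the unchecked pattern: allocate, verify, and
 * report failure to the caller instead of dereferencing a NULL pointer.
 * Returns 0 on success, -1 when the allocation fails. On success the
 * caller owns *out and must free() it; on failure *out is set to NULL. */
int alloc_checked(size_t size, char **out)
{
    char *ptr = malloc(size);        /* may legitimately return NULL */
    if (ptr == NULL) {
        *out = NULL;
        return -1;                   /* the unexpected state is now visible */
    }
    memset(ptr, 0, size);            /* safe: ptr is known to be non-NULL */
    *out = ptr;
    return 0;
}

/* realloc needs the same check plus one more precaution: assigning the
 * result straight back to *buf would drop the only reference to the old
 * block when realloc returns NULL, so the growth goes through a temporary. */
int grow_checked(char **buf, size_t new_size)
{
    char *tmp = realloc(*buf, new_size);
    if (tmp == NULL) {
        return -1;                   /* *buf is still valid and still owned */
    }
    *buf = tmp;
    return 0;
}

/* Exercises both helpers with one small request that should succeed and
 * one oversized request that must fail. Returns the number of allocation
 * failures that were detected and handled, so a caller (or a test) can
 * confirm the error path was taken rather than crashed through. */
int demo(size_t normal_size, size_t huge_size)
{
    int failures = 0;
    char *buf = NULL;
    char *big = NULL;

    if (alloc_checked(normal_size, &buf) != 0) {
        failures++;                  /* not expected for a small request */
    } else {
        strncpy(buf, "ok", normal_size);   /* buf is known non-NULL here */
        if (grow_checked(&buf, huge_size) != 0) {
            failures++;              /* buf is intact: no leak, no NULL use */
        }
        free(buf);
    }

    if (alloc_checked(huge_size, &big) != 0) {
        failures++;                  /* expected: reported, not dereferenced */
    } else {
        free(big);
    }
    return failures;
}

int main(void)
{
    /* Constructed sizes: 64 bytes succeeds, SIZE_MAX bytes cannot. */
    int failed = demo(64, SIZE_MAX);
    printf("allocation failures handled cleanly: %d\n", failed);
    return 0;
}
```

Both oversized calls (the realloc to SIZE_MAX and the malloc of SIZE_MAX) are reported through the return value, and the 64-byte buffer is freed exactly once on every path. This is the shape the detector expects: the pointer is never used on a path where it could still be NULL.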

Configuration

This detector does not need any configuration.