The SAMATE Project Department of Homeland Security
Downloads:  Selected

Back to the previous page...Back to the previous page

Test Case IDCandidate6
Bad / GoodBadBad test case
AuthorN/A
Associated test caseN/A
ContributorSecureSoftware
LanguageC
Type of test caseSource Code
Input stringN/A
Expected OutputN/A
InstructionsN/A
Submission date2005-10-26
DescriptioniconThe use of heap allocated memory after it has been freed or deleted leads to undefined system behavior and, in many cases, to a write-what-where condition. (from TCCLASP-5_2_19_10)
Filename
Flaw
  • (?) CWE-416: Use After Free at line 15,12

There is no comments :: Submit a comment :: RSS

>./Using_freed_memory.c
  1. #include <stdio.h>
  2. #include <unistd.h>
  3. #define BUFSIZER1 512
  4. #define BUFSIZER2 ((BUFSIZER1/2) - 8)
  5. int main(int argc, char **argv) {
  6. char *buf1R1;
  7. char *buf2R1;
  8. char *buf2R2;
  9. char *buf3R2;
  10. buf1R1 = (char *) malloc(BUFSIZER1);
  11. buf2R1 = (char *) malloc(BUFSIZER1);
  12. free(buf2R1);
  13. buf2R2 = (char *) malloc(BUFSIZER2);
  14. buf3R2 = (char *) malloc(BUFSIZER2);
  15. strncpy(buf2R1, argv[1], BUFSIZER1-1);
  16. free(buf1R1);
  17. free(buf2R2);
  18. free(buf3R2);
  19. }
  20.  
  21.  
  22.  
  23.  
  24.