codeql-coding-standards icon indicating copy to clipboard operation
codeql-coding-standards copied to clipboard

Published 20 hours ago verified publisher icon github

`STR32-C`: Support reducing buffer size via realloc

Open lcartey opened this issue 2 years ago • 0 comments

Affected rules

  • STR32-C

Description

Support reducing buffer size via realloc.

Example

#include <stdlib.h>
#include <wchar.h>
  
wchar_t *cur_msg = NULL;
size_t cur_msg_size = 1024;
size_t cur_msg_len = 0;
 
void lessen_memory_usage(void) {
  wchar_t *temp;
  size_t temp_size;
 
  /* ... */
 
  if (cur_msg != NULL) {
    temp_size = cur_msg_size / 2 + 1;
    temp = realloc(cur_msg, temp_size * sizeof(wchar_t));
    /* temp &and cur_msg may no longer be null-terminated */
    if (temp == NULL) {
      /* Handle error */
    }
 
    cur_msg = temp;
    cur_msg_size = temp_size;
    cur_msg_len = wcslen(cur_msg);
  }
}

As taken from https://wiki.sei.cmu.edu/confluence/display/c/STR32-C.+Do+not+pass+a+non-null-terminated+character+sequence+to+a+library+function+that+expects+a+string#STR32C.Donotpassanonnullterminatedcharactersequencetoalibraryfunctionthatexpectsastring-NoncompliantCodeExample.1

lcartey avatar Jul 26 '22 12:07 lcartey