[cfe-dev] Anyone working on a checker for realloc?

Marshall Clow mclow.lists at gmail.com
Tue Apr 19 14:27:21 PDT 2011


Having had a discussion with someone about problems with using realloc, I was wondering if anyone has done anything with a security checker (Lenny?) or static analysis module for problems with using realloc.

Sample (bad) code:

	p = malloc ( 12 );
	realloc ( p, 24 );
	*p = 123;	//	realloc can move memory - but usually doesn't

-- Marshall

Marshall Clow     Idio Software   <mailto:mclow.lists at gmail.com>

A.D. 1517: Martin Luther nails his 95 Theses to the church door and is promptly moderated down to (-1, Flamebait).
        -- Yu Suzuki





More information about the cfe-dev mailing list