File tree Expand file tree Collapse file tree
cpp/ql/test/experimental/query-tests/Security/CWE/CWE-415/semmle/tests Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ | test.c:9:8:9:10 | buf | This pointer may be cleared again later. |
2+ | test.c:19:26:19:29 | buf1 | This pointer may be cleared again later. |
Original file line number Diff line number Diff line change 1+ experimental/Security/CWE/CWE-415/DoubleFree.ql
Original file line number Diff line number Diff line change 1+ typedef unsigned long size_t ;
2+ void * malloc (size_t size );
3+ void free (void * ptr );
4+
5+ void workFunction_0 (char * s ) {
6+ int intSize = 10 ;
7+ char * buf ;
8+ buf = (char * ) malloc (intSize );
9+ free (buf ); // BAD
10+ if (buf ) free (buf );
11+ }
12+ void workFunction_1 (char * s ) {
13+ int intSize = 10 ;
14+ char * buf ;
15+ char * buf1 ;
16+ buf = (char * ) malloc (intSize );
17+ buf1 = (char * ) realloc (buf ,intSize * 2 );
18+ if (buf ) free (buf ); // GOOD
19+ buf = (char * ) realloc (buf1 ,intSize * 4 ); // BAD
20+ free (buf1 );
21+ }
You can’t perform that action at this time.
0 commit comments