wangwei
/
cwetest
Not watched
1
0
Fork 0
Code
Releases 0 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
3.2 MB
55 Download
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
cwetest/CWE401_Memory_Leak__char_ca...

CWE401_Memory_Leak__char_calloc_01.c 2.6 kB
Raw Permalink Normal View History

1
3 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 
  1. /* TEMPLATE GENERATED TESTCASE FILE

  2. Filename: CWE401_Memory_Leak__char_calloc_01.c

  3. Label Definition File: CWE401_Memory_Leak.c.label.xml

  4. Template File: sources-sinks-01.tmpl.c

  5. */

  6. /*

  7.  * @description

  8.  * CWE: 401 Memory Leak

  9.  * BadSource: calloc Allocate data using calloc()

  10.  * GoodSource: Allocate data on the stack

  11.  * Sinks:

  12.  *    GoodSink: call free() on data

  13.  *    BadSink : no deallocation of data

  14.  * Flow Variant: 01 Baseline

  15.  *

  16.  * */

  17. 

  18. #include "std_testcase.h"

  19. 

  20. #include <wchar.h>

  21. 

  22. #ifndef OMITBAD

  23. 

  24. void CWE401_Memory_Leak__char_calloc_01_bad()

  25. {

  26.     char * data;

  27.     data = NULL;

  28.     /* POTENTIAL FLAW: Allocate memory on the heap */

  29.     data = (char *)calloc(100, sizeof(char));

  30.     if (data == NULL) {exit(-1);}

  31.     /* Initialize and make use of data */

  32.     strcpy(data, "A String");

  33.     printLine(data);

  34.     /* POTENTIAL FLAW: No deallocation */

  35.     ; /* empty statement needed for some flow variants */

  36. }

  37. 

  38. #endif /* OMITBAD */

  39. 

  40. #ifndef OMITGOOD

  41. 

  42. /* goodG2B uses the GoodSource with the BadSink */

  43. static void goodG2B()

  44. {

  45.     char * data;

  46.     data = NULL;

  47.     /* FIX: Use memory allocated on the stack with ALLOCA */

  48.     data = (char *)ALLOCA(100*sizeof(char));

  49.     /* Initialize and make use of data */

  50.     strcpy(data, "A String");

  51.     printLine(data);

  52.     /* POTENTIAL FLAW: No deallocation */

  53.     ; /* empty statement needed for some flow variants */

  54. }

  55. 

  56. /* goodB2G uses the BadSource with the GoodSink */

  57. static void goodB2G()

  58. {

  59.     char * data;

  60.     data = NULL;

  61.     /* POTENTIAL FLAW: Allocate memory on the heap */

  62.     data = (char *)calloc(100, sizeof(char));

  63.     if (data == NULL) {exit(-1);}

  64.     /* Initialize and make use of data */

  65.     strcpy(data, "A String");

  66.     printLine(data);

  67.     /* FIX: Deallocate memory */

  68.     free(data);

  69. }

  70. 

  71. void CWE401_Memory_Leak__char_calloc_01_good()

  72. {

  73.     goodG2B();

  74.     goodB2G();

  75. }

  76. 

  77. #endif /* OMITGOOD */

  78. 

  79. /* Below is the main(). It is only used when building this testcase on

  80.    its own for testing or for building a binary to use in testing binary

  81.    analysis tools. It is not used when compiling all the testcases as one

  82.    application, which is how source code analysis tools are tested. */

  83. 

  84. #ifdef INCLUDEMAIN

  85. 

  86. int main(int argc, char * argv[])

  87. {

  88.     /* seed randomness */

  89.     srand( (unsigned)time(NULL) );

  90. #ifndef OMITGOOD

  91.     printLine("Calling good()...");

  92.     CWE401_Memory_Leak__char_calloc_01_good();

  93.     printLine("Finished good()");

  94. #endif /* OMITGOOD */

  95. #ifndef OMITBAD

  96.     printLine("Calling bad()...");

  97.     CWE401_Memory_Leak__char_calloc_01_bad();

  98.     printLine("Finished bad()");

  99. #endif /* OMITBAD */

  100.     return 0;

  101. }

  102. 

  103. #endif

No Description

Contributors (1)
All