List of calls to dangerous low-level C functions

List of calls to dangerous low-level C functions

Risk: info

Description

The malloc, realloc, calloc, memmove, scanf, free ... are functions with dynamic memory handling and allocation.

Improper calls to these functions can result in memory corruption vulnerabilities that can lead to denial of service, information leak, arbitrary read and write or remote code execution.

Recommendation

This entry is informative, but no recommendations are applicable.

Links

• C++ Core Guidelines R.10 - Avoid malloc() and free()

Standards

• CWE_TOP_25:
  • CWE_787
  • CWE_125
  • CWE_416
  • CWE_476
  • CWE_190
  • CWE_400