List of calls to dangerous low-level C functions

Description

malloc, realloc, calloc, memmove, scanf, free and similar functions allocate and handle memory dynamically.

Improper calls to these functions can cause memory corruption vulnerabilities, which can lead to denial of service, information leaks, arbitrary reads and writes, or remote code execution.

Recommendation

Prefer memory-safe functions or higher-level APIs that handle memory allocation indirectly.
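
One way to follow this recommendation, shown as an added example that is not part of the original page: a small wrapper that keeps the raw calloc, realloc, memmove and free calls in one place and checks size overflow, NULL results, bounds and release state. The names buf_t, buf_alloc, buf_write, buf_resize and buf_free are hypothetical, chosen for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical wrapper (names assumed for this example): owns pointer and length. */
typedef struct { unsigned char *data; size_t len; } buf_t;

/* Allocate count*size zeroed bytes; returns 0 on success, -1 on error. */
int buf_alloc(buf_t *b, size_t count, size_t size) {
    *b = (buf_t){ NULL, 0 };
    if (count == 0 || size == 0) return -1;
    if (count > SIZE_MAX / size) return -1;   /* count*size would wrap (CWE-190) */
    b->data = calloc(count, size);
    if (b->data == NULL) return -1;           /* never hand out NULL (CWE-476) */
    b->len = count * size;
    return 0;
}

/* Copy n bytes to offset off; rejects out-of-bounds writes (CWE-787). */
int buf_write(buf_t *b, size_t off, const void *src, size_t n) {
    if (b->data == NULL || src == NULL) return -1;
    if (off > b->len || n > b->len - off) return -1;  /* check cannot overflow */
    memmove(b->data + off, src, n);
    return 0;
}

/* Resize to new_len bytes; on failure the old block stays valid and owned. */
int buf_resize(buf_t *b, size_t new_len) {
    if (b->data == NULL || new_len == 0) return -1;
    unsigned char *p = realloc(b->data, new_len);
    if (p == NULL) return -1;                 /* b->data is left untouched */
    if (new_len > b->len) memset(p + b->len, 0, new_len - b->len);
    b->data = p;
    b->len = new_len;
    return 0;
}

/* Release and reset, so later calls fail the NULL check, not use freed memory (CWE-416). */
void buf_free(buf_t *b) {
    free(b->data);                            /* free(NULL) is a no-op on repeat calls */
    *b = (buf_t){ NULL, 0 };
}

int main(void) {
    buf_t b;
    if (buf_alloc(&b, 4, 4) != 0) return 1;
    int rc = buf_write(&b, 8, "0123456789abcdef", 16);  /* 16 bytes at offset 8 of 16 */
    buf_free(&b);
    return rc == -1 ? 0 : 1;                  /* the oversized write must be rejected */
}
```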

Standards

  • CWE_TOP_25:
    • CWE_787
    • CWE_125
    • CWE_416
    • CWE_476
    • CWE_190
    • CWE_400