[Dev] Why it is important to check what the malloc function returned

Andrey Karpov karpov at viva64.com
Sat Feb 3 20:42:19 UTC 2018


The absence of nullptr checks after calls to the malloc function is a 
very common issue in the Tizen operating system and the libraries it uses.
I mentioned this in the article "27 000 Errors in the Tizen Operating 
System" - https://www.viva64.com/en/b/0519/
I also pointed it out in a more detailed analysis of the EFL Core 
Libraries used in Tizen. The library has almost zero "nullptr checks" 
after calls to malloc. Here is this article, with the comments by one of 
the developers included: "Characteristics of PVS-Studio Analyzer by the 
Example of EFL Core Libraries, 10-15% of False Positives" - 

I finally found time the other day to write a detailed article on the 
malloc function. There are 4 reasons at once, each of them is enough to 
prove that it is so necessary to write a check after you call the malloc 

 1. Null pointer dereference is undefined behavior
 2. Null pointer dereference is a vulnerability
 3. Where are guarantees that dereferencing of exactly a null pointer
    will occur?
 4. Where are the guarantees that memset fills the memory in a direct order?

Please do take a look at this article. I hope you will find it 
interesting and useful.

*Why it is important to check what the malloc function returned* - 

Best regards,
Andrey Karpov, Microsoft MVP,
Ph.D. in Mathematics, CTO
"Program Verification Systems" Co Ltd.
URL: www.viva64.com
E-Mail: karpov at viva64.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.tizen.org/pipermail/dev/attachments/20180203/7c8b3c82/attachment.html>

More information about the Dev mailing list