Operation and Maintenance
Safety
Analysis of examples of contaminated memory allocation functions in C language
Analysis of examples of contaminated memory allocation functions in C language
1. Polluted memory allocation
The memory allocation functions of C language include malloc(), kmalloc, smalloc(), xmalloc(), realloc(), calloc(), GlobalAlloc(), HeapAlloc() and so on, taking malloc() as an example, the prototype of the malloc() function is:
extern void*malloc (unsignedintnum_bytes);
malloc() The function allocates num_bytes bytes of memory and returns a pointer to this memory. When the integer of the memory allocation length comes from an untrusted source that may be contaminated, if the external input data is not effectively judged, it will lead to extremely large memory allocation. Untrusted sources that may be contaminated include: command line parameters, configuration files, network communications, databases, environment variables, registry values, and other input from outside the application.
2. The harm of contaminated memory allocation
Directly use contaminated data as the length parameter of the memory allocation function, such as passing in a very large integer value , the program will allocate a huge memory accordingly, resulting in huge memory overhead on the system, and even leading to denial of service attacks.
There are also some related vulnerability information in the CVE. From January 2018 to March 2019, there were 4 related vulnerability information in the CVE. The vulnerability information is as follows:
| Overview | |
|---|---|
| There is a security vulnerability in the '__zzip_parse_root_directory' function of the zzip/zip.c file in ZZIPlib version 0.13.68. A remote attacker could exploit this vulnerability to cause a denial of service (uncontrolled memory allocation and crash) using a specially crafted zip file. | |
| There is a security vulnerability in the 'PoDoFo::PdfVecObjects::Reserve' function of the base/PdfVecObjects.h file in PoDoFo 0.9.5 version . A remote attacker could exploit this vulnerability to cause a denial of service (uncontrolled memory allocation) using a specially crafted PDF file. | |
| There is a security vulnerability in the 'PdfParser::ReadXRefSubsection' function of the base/PdfParser.cpp file in PoDoFo version 0.9.5. This vulnerability It comes from the fact that the program does not control the allocation of memory. A remote attacker could exploit this vulnerability to cause a denial of service using a specially crafted PDF file. |
The above is the detailed content of Analysis of examples of contaminated memory allocation functions in C language. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1375
52
C language data structure: data representation and operation of trees and graphs
Apr 04, 2025 am 11:18 AM
C language data structure: The data representation of the tree and graph is a hierarchical data structure consisting of nodes. Each node contains a data element and a pointer to its child nodes. The binary tree is a special type of tree. Each node has at most two child nodes. The data represents structTreeNode{intdata;structTreeNode*left;structTreeNode*right;}; Operation creates a tree traversal tree (predecision, in-order, and later order) search tree insertion node deletes node graph is a collection of data structures, where elements are vertices, and they can be connected together through edges with right or unrighted data representing neighbors.
The truth behind the C language file operation problem
Apr 04, 2025 am 11:24 AM
The truth about file operation problems: file opening failed: insufficient permissions, wrong paths, and file occupied. Data writing failed: the buffer is full, the file is not writable, and the disk space is insufficient. Other FAQs: slow file traversal, incorrect text file encoding, and binary file reading errors.
What are the basic requirements for c language functions
Apr 03, 2025 pm 10:06 PM
C language functions are the basis for code modularization and program building. They consist of declarations (function headers) and definitions (function bodies). C language uses values to pass parameters by default, but external variables can also be modified using address pass. Functions can have or have no return value, and the return value type must be consistent with the declaration. Function naming should be clear and easy to understand, using camel or underscore nomenclature. Follow the single responsibility principle and keep the function simplicity to improve maintainability and readability.
How to output a countdown in C language
Apr 04, 2025 am 08:54 AM
How to output a countdown in C? Answer: Use loop statements. Steps: 1. Define the variable n and store the countdown number to output; 2. Use the while loop to continuously print n until n is less than 1; 3. In the loop body, print out the value of n; 4. At the end of the loop, subtract n by 1 to output the next smaller reciprocal.
CS-Week 3
Apr 04, 2025 am 06:06 AM
Algorithms are the set of instructions to solve problems, and their execution speed and memory usage vary. In programming, many algorithms are based on data search and sorting. This article will introduce several data retrieval and sorting algorithms. Linear search assumes that there is an array [20,500,10,5,100,1,50] and needs to find the number 50. The linear search algorithm checks each element in the array one by one until the target value is found or the complete array is traversed. The algorithm flowchart is as follows: The pseudo-code for linear search is as follows: Check each element: If the target value is found: Return true Return false C language implementation: #include#includeintmain(void){i
The concept of c language functions and their definition format
Apr 03, 2025 pm 11:33 PM
C language functions are reusable code blocks, receive parameters for processing, and return results. It is similar to the Swiss Army Knife, powerful and requires careful use. Functions include elements such as defining formats, parameters, return values, and function bodies. Advanced usage includes function pointers, recursive functions, and callback functions. Common errors are type mismatch and forgetting to declare prototypes. Debugging skills include printing variables and using a debugger. Performance optimization uses inline functions. Function design should follow the principle of single responsibility. Proficiency in C language functions can significantly improve programming efficiency and code quality.
Troubleshooting tips for processing files in C language
Apr 04, 2025 am 11:15 AM
Troubleshooting Tips for C language processing files When processing files in C language, you may encounter various problems. The following are common problems and corresponding solutions: Problem 1: Cannot open the file code: FILE*fp=fopen("myfile.txt","r");if(fp==NULL){//File opening failed} Reason: File path error File does not exist without file read permission Solution: Check the file path to ensure that the file has check file permission problem 2: File reading failed code: charbuffer[100];size_tread_bytes=fread(buffer,1,siz
What are the types of return values of c language function? Summary of types of return values of c language function?
Apr 03, 2025 pm 11:18 PM
The return value types of C language function include int, float, double, char, void and pointer types. int is used to return integers, float and double are used to return floats, and char returns characters. void means that the function does not return any value. The pointer type returns the memory address, be careful to avoid memory leakage.结构体或联合体可返回多个相关数据。
