cppcheck/cve-test-suite/cve-2018-11360.c

16 lines
304 B
C
Raw Permalink Normal View History

2018-10-04 18:07:11 +02:00
// CVE: CVE-2018-6836
// This is a simplified code example based on CVE-2018-11360.
void *malloc(unsigned long);
void free(void *);
void f(int size)
{
char *ia5_string = malloc(size); // Hint: Off by one
for (int i = 0; i <= size; i++)
ia5_string[i]=0; // BUG
free(ia5_string);
}