cppcheck/cve-test-suite/cve-2018-11360.c


// CVE: CVE-2018-6836
// This is a simplified code example based on CVE-2018-11360.

void *malloc(unsigned long);
void free(void *);

void f(int size)
{
    char *ia5_string = malloc(size); // Hint: Off by one
    for (int i = 0; i <= size; i++)
        ia5_string[i]=0; // BUG
    free(ia5_string);
}
cve test suite: Added more test cases 2018-10-04 18:07:11 +02:00
			`// CVE: CVE-2018-6836`
			`// This is a simplified code example based on CVE-2018-11360.`

			`void *malloc(unsigned long);`
			`void free(void *);`

			`void f(int size)`
			`{`
			`char *ia5_string = malloc(size); // Hint: Off by one`
			`for (int i = 0; i <= size; i++)`
			`ia5_string[i]=0; // BUG`
			`free(ia5_string);`
			`}`