Mismatched Memory Management RoutinesID: 762 | Date: (C)2012-05-14 (M)2022-10-10 |
Type: weakness | Status: INCOMPLETE |
Abstraction Type: Variant |
Description
The application attempts to return a memory resource to the
system, but it calls a release function that is not compatible with the function
that was originally used to allocate that resource.
Extended DescriptionThis weakness can be generally described as mismatching memory management
routines, such as:The memory was allocated on the stack (automatically), but it was
deallocated using the memory management routine free() (CWE-590), which
is intended for explicitly allocated heap memory.The memory was allocated explicitly using one set of memory management
functions, and deallocated using a different set. For example, memory
might be allocated with malloc() in C++ instead of the new operator, and
then deallocated with the delete operator.When the memory management functions are mismatched, the consequences may
be as severe as code execution, memory corruption, or program crash.
Consequences and ease of exploit will vary depending on the implementation
of the routines and the object being managed.
Likelihood of Exploit: Low
Applicable PlatformsLanguage: CLanguage: C++Language Class: Manual Memory Managed Languages
Time Of Introduction
Common Consequences
Scope | Technical Impact | Notes |
---|
IntegrityAvailabilityConfidentiality | Modify memoryDoS: crash / exit /
restartExecute unauthorized code or
commands | |
Detection MethodsNone
Potential Mitigations
Phase | Strategy | Description | Effectiveness | Notes |
---|
Implementation | | Only call matching memory management functions. Do not mix and match
routines. For example, when you allocate a buffer with malloc(), dispose
of the original pointer with free(). | | |
Implementation | Libraries or Frameworks | To help correctly and consistently manage memory when programming in
C++, consider using a smart pointer class such as std::auto_ptr (defined
by ISO/IEC ISO/IEC 14882:2003), std::shared_ptr and std::unique_ptr
(specified by an upcoming revision of the C++ standard, informally
referred to as C++ 1x), or equivalent solutions such as Boost. | | |
Architecture and DesignImplementationOperation | Libraries or Frameworks | Use a vetted library or framework that does not allow this weakness to
occur or provides constructs that make this weakness easier to
avoid.For example, glibc in Linux provides protection against free of
invalid pointers. | | |
Architecture and Design | | Use a language that provides abstractions for memory allocation and
deallocation. | | |
Testing | | Use a tool that dynamically detects memory management problems, such
as valgrind. | | |
Relationships
Related CWE | Type | View | Chain |
---|
CWE-762 ChildOf CWE-891 | Category | CWE-888 | |
Demonstrative Examples (Details)
- This example allocates a BarObj object using the new operator in
C++, however, the programmer then deallocates the object using free(), which
may lead to unexpected behavior. (Demonstrative Example Id DX-80)
White Box Definitions None
Black Box Definitions None
Taxynomy Mappings
Taxynomy | Id | Name | Fit |
---|
CERT C++ Secure Coding | MEM39-CPP | Resources allocated by memory allocation functions must be
released using the corresponding memory deallocation
function | |
References:
- .boost C++ Library Smart Pointers.
- .Valgrind.