ALLOC.UAF : Use After Free

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

A dereference of a pointer to a freed object.

Class Name

Use After Free

Significance

security

Mnemonic

ALLOC.UAF

Categories

MisraC2023	MisraC2023:21.20	The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, setlocale or strerror shall not be used following a subsequent call to the same function
Misra2012	Misra2012:21.20	The pointer returned by the Standard Library functions asctime, ctime, gmtime, localtime, localeconv, setlocale or strerror shall not be used following a subsequent call to the same function
AUTOSARC++14	AUTOSARC++14:A3-8-1	An object shall not be accessed outside of its lifetime.
	AUTOSARC++14:A12-8-5	A copy assignment and a move assignment operators shall handle self-assignment.
	AUTOSARC++14:A23-0-2	Elements of a container shall only be accessed via valid references, iterators, and pointers.
MisraC++2023	MisraC++2023:6.8.1	An object shall not be accessed outside of its lifetime
CWE	CWE:416	Use After Free
	CWE:573	Improper Following of Specification by Caller
	CWE:672	Operation on a Resource after Expiration or Release
	CWE:696	Incorrect Behavior Order
TS17961	TS17961:5.2-accfree	5.2. Accessing freed memory
CERT-C	CERT-C:MEM01-C	Store a new value in pointers immediately after free()
	CERT-C:MEM30-C	Do not access freed memory
CERT-CPP	CERT-CPP:CTR51-CPP	Use valid references, pointers, and iterators to reference elements of a container
	CERT-CPP:EXP54-CPP	Do not access an object outside of its lifetime
	CERT-CPP:MEM50-CPP	Do not access freed memory
	CERT-CPP:OOP54-CPP	Gracefully handle self-copy assignment
	CERT-CPP:STR52-CPP	Use valid references, pointers, and iterators to reference elements of a basic_string
JSF++	JSF++:70.1	An object shall not be improperly used before its lifetime begins or after its lifetime ends.
	JSF++:81	The assignment operator shall handle self-assignment correctly.

Availability

Available for C and C++.

Enabling

Checks for this warning class are enabled by default. To disable them, add the following WARNING_FILTER rule to the project configuration file.

WARNING_FILTER += discard class="Use After Free"

#include <stdlib.h>

void uaf(void){
    char *p = malloc(10);
    if (!p){return;}
    char *q = p;                  /* aliasing is taken into account */
    free(p);
    q[0] = 'a';   /* 'Use After Free' warning issued here */
}

The following configuration file parameters affect checks for this warning class.

ALLOC.UAF : Use After Free

Summary

Properties

Example

Relevant Configuration File Parameters