Q
Detector Library
C detectors (34/34)
Logging of sensitive informationInsecure Use Of ChrootDeadlock And Lock InconsistencyUnsafe File ExtensionOS command injectionIncorrect Use Of FreeUse Of Uninitialized VariableInsecure Use strcat fnSQL injectionBitwise Operator On Signed OperandInsecure use gets fnRandom fd exhaustionRedundant Free UsageInsecure Use MemsetDivide By Zero.Return Stack AddressUnchecked Return ValueIncorrect Format SpecifierUnhandled Expression ResultPath traversalImproper Input ValidationOut Of Bounds ReadInteger OverflowInsecure use strtok functionImproper size of a memory bufferincomplete-cleanupNull pointer dereferenceInsecure Temporary File Or DirectoryInsecure Buffer AccessIncorrect Use Ato FnLoose File PermissionsExposure of Sensitive InformationOut-of-bounds WriteString Equality
Redundant Free Usage High
The product calls free method twice on the same memory address, which leads to modification of unexpected memory locations.
Detector ID
c/redundant-free-usage@v1.0
Category
Common Weakness Enumeration (CWE) 
Tags
-
Noncompliant example
1#include <stdlib.h>
2#include <string.h>
3
4int redundantFreeUsageNonCompliant(char *argv[]) {
5 char *buf1;
6 char *buf2;
7 buf1 = (char *) malloc(sizeof(char) * 10);
8 free(buf1);
9 buf2 = (char *) malloc(sizeof(char) * 5);
10 strncpy(buf2, argv[1], 1);
11 // Noncompliant: Redundent use of `free` on buf1 without memory reallocation
12 free(buf1);
13 free(buf2);
14}
Compliant example
1#include <stdlib.h>
2#include <string.h>
3
4int redundantFreeUsageCompliant() {
5 char *var = malloc(sizeof(char) * 10);
6 free(var);
7 var = malloc(sizeof(char) * 10);
8 // Compliant: Use of free on variable after memory reallocation
9 free(var);
10 return 0;
11}