mirror of
https://github.com/github/codeql.git
synced 2025-12-16 16:53:25 +01:00
50 lines
1.5 KiB
XML
50 lines
1.5 KiB
XML
<!DOCTYPE qhelp PUBLIC
|
|
"-//Semmle//qhelp//EN"
|
|
"qhelp.dtd">
|
|
<qhelp>
|
|
<overview>
|
|
<p>
|
|
This rule finds uses of pointers that likely point to local variables in
|
|
expired stack frames. Such pointers to local variables is only valid
|
|
until the function returns, after which it becomes a dangling pointer.
|
|
</p>
|
|
|
|
</overview>
|
|
<recommendation>
|
|
|
|
<ol>
|
|
|
|
<li>
|
|
If it is necessary to take the address of a local variable, then make
|
|
sure that the address is only stored in memory that does not outlive
|
|
the local variable. For example, it is safe to store the address in
|
|
another local variable. Similarly, it is also safe to pass the address
|
|
of a local variable to another function provided that the other
|
|
function only uses it locally and does not store it in non-local
|
|
memory.
|
|
</li>
|
|
<li>
|
|
If it is necessary to store an address which will outlive the
|
|
current function scope, then it should be allocated on the heap. Care
|
|
should be taken to make sure that the memory is deallocated when it is
|
|
no longer needed, particularly when using low-level memory management
|
|
routines such as <tt>malloc</tt>/<tt>free</tt> or
|
|
<tt>new</tt>/<tt>delete</tt>. Modern C++ applications often use smart
|
|
pointers, such as <tt>std::shared_ptr</tt>, to reduce the chance of
|
|
a memory leak.
|
|
</li>
|
|
</ol>
|
|
|
|
</recommendation>
|
|
<example>
|
|
|
|
<sample src="UsingExpiredStackAddress.cpp" />
|
|
|
|
</example>
|
|
<references>
|
|
|
|
<li>Wikipedia: <a href="https://en.wikipedia.org/wiki/Dangling_pointer">Dangling pointer</a>.</li>
|
|
|
|
</references>
|
|
</qhelp>
|