JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
C and C++

ALLOC.SIZE.TRUNC : Truncation of Allocation Size

Summary

An allocator function is passed a size parameter value that may have been truncated, resulting in an unexpectedly small allocated block.

(Note: When truncation can affect size calculation for an operation other than memory allocation, warning class Truncation of Size applies instead.)

Properties

Class Name Truncation of Allocation Size
Significance security
Mnemonic ALLOC.SIZE.TRUNC
Categories
MisraC++2023 MisraC++2023:0.3.2 A function call shall not violate the function's preconditions
CWE CWE:131 Incorrect Calculation of Buffer Size
  CWE:192 Integer Coercion Error
  CWE:197 Numeric Truncation Error
  CWE:680 Integer Overflow to Buffer Overflow
TS17961 TS17961:5.45-taintsink Tainted, potentially mutilated, or out-of-domain integer values are used in a restricted sink
CERT-C CERT-C:INT02-C Understand integer conversion rules
  CERT-C:INT18-C Evaluate integer expressions in a larger size before comparing or assigning to that size
  CERT-C:INT31-C Ensure that integer conversions do not result in lost or misinterpreted data
  CERT-C:MEM35-C Allocate sufficient memory for an object
JSF++ JSF++:203 Evaluation of expressions shall not lead to overflow/underflow (unless required algorithmically and then should be heavily documented).
  JSF++:212 Underflow or overflow functioning shall not be depended on in any special way.
Availability Available for C and C++.
Enabling Checks for this warning class are disabled by default. To enable them, add the following WARNING_FILTER rule to the project configuration file. 
WARNING_FILTER += allow class="Truncation of Allocation Size"

Example 

#include <stdlib.h>

int do_trunc_alloc(int x){
    char *p =  malloc((char) x);  /* 'Truncation of Allocation Size' warning issued here. */
    int rv = 0;
    if (p){
        rv = 1;
    free(p);
    }
    return rv;
}

Triggering Functions

Truncation of Allocation Size warnings can be triggered by any function treated as an allocator by CodeSonar:

Note that classes Addition Overflow of Allocation Size, Multiplication Overflow of Allocation Size, Subtraction Underflow of Allocation Size and Truncation of Allocation Size all have the same set of triggering functions.

Note

This is a "taint+dp" warning class: warnings of this class undergo a dedicated refinement phase that cannot be disabled. One consequence of this is that reporting exhibits some degree of unavoidable nondeterminism. If result stability is important to you, you may wish to avoid enabling this class.

In issuing a warning of this class, CodeSonar does not take into account any constraints on integer values that are imposed before the beginning of the warning's core path.

Relevant Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

 

To report problems with this documentation, please visit https://support.codesecure.com/.