Query module MemoryMayNotBeFreed

name: Memory may not be freed
description: A function may return before freeing memory that was allocated in the function. Freeing all memory allocated in the function before returning ties the lifetime of the memory blocks to that of the function call, making it easier to avoid and detect memory leaks.
kind: problem
id: cpp/memory-may-not-be-freed
problem.severity: warning
tags: efficiency security external/cwe/cwe-401

Imports

Predicates

allocCallOrIndirect
allocatedVariableReaches

The value from allocation def is still held in Variable v upon entering node.

allocationDefinition
allocationReaches

The value returned by allocation def has not been freed, confirmed to be null, or potentially leaked globally upon reaching node (regardless of what variable it’s still held in, if any).

assignedToFieldOrGlobal
freeCallOrIndirect
mayCallFunction

‘call’ is either a direct call to f, or a possible call to f via a function pointer.

verifiedRealloc

The point at which a call to ‘realloc’ on ‘v’ has been verified to succeed. A failed realloc does not free the input pointer, which can cause memory leaks.
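The realloc behaviour noted for verifiedRealloc, as an added C example (not taken from the query's source or its tests): a leaky and a corrected growth routine run against a simulated allocation failure. The x_malloc/x_realloc/x_free wrappers, the single-block tracker, and all function names are hypothetical and exist only for this illustration.

```c
#include <stdlib.h>
#include <string.h>

static void *live;        /* the one block currently allocated, or NULL (demo tracker) */
static int fail_realloc;  /* when set, x_realloc simulates an out-of-memory failure */

static void *x_malloc(size_t n) { return live = malloc(n); }
static void x_free(void *p) { if (p == live) live = NULL; free(p); }
static void *x_realloc(void *p, size_t n) {
    if (fail_realloc) return NULL;  /* like real realloc on failure: p stays allocated */
    void *q = realloc(p, n);
    if (q) live = q;
    return q;
}

/* Leaky: the result overwrites the only pointer, so a failed realloc loses the block. */
int grow_leaky(size_t n) {
    char *buf = x_malloc(n);
    if (!buf) return -1;
    buf = x_realloc(buf, n * 2);
    if (!buf) return -1;            /* original block is still allocated, now unreachable */
    memset(buf, 0, n * 2);
    x_free(buf);
    return 0;
}

/* Corrected: keep the old pointer until realloc is verified, free it on failure. */
int grow_safe(size_t n) {
    char *buf = x_malloc(n);
    if (!buf) return -1;
    char *tmp = x_realloc(buf, n * 2);
    if (!tmp) { x_free(buf); return -1; }
    buf = tmp;
    memset(buf, 0, n * 2);
    x_free(buf);
    return 0;
}

/* Runs f with realloc optionally forced to fail; returns 1 if f left a block allocated. */
int leaked_after(int (*f)(size_t), int force_fail) {
    live = NULL; fail_realloc = force_fail;
    f(64);
    int leaked = (live != NULL);
    free(live);                     /* reclaim the block so the demo itself stays clean */
    live = NULL; fail_realloc = 0;
    return leaked;
}

int main(void) { return !(leaked_after(grow_leaky, 1) == 1 && leaked_after(grow_safe, 1) == 0); }
```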

Classes