Use After Free
Example 1: C
Vulnerable Code:
cCopy codechar *ptr = malloc(10);
free(ptr);
strcpy(ptr, "data");
Reason for vulnerability: Using memory after it has been freed, leading to undefined behavior.
Fixed Code:
cCopy codechar *ptr = malloc(10);
strcpy(ptr, "data");
free(ptr);
ptr = NULL;
Reason for fix: Set the pointer to NULL
after freeing it to prevent use after free.
Example 2: C++
Vulnerable Code:
cppCopy codeint *ptr = new int[10];
delete[] ptr;
ptr[0] = 1;
Reason for vulnerability: Using memory after it has been freed, leading to undefined behavior.
Fixed Code:
cppCopy codeint *ptr = new int[10];
delete[] ptr;
ptr = nullptr;
Reason for fix: Set the pointer to nullptr
after deleting it to prevent use after free.
Last updated