Use After Free

Example 1: C

Vulnerable Code:

cCopy codechar *ptr = malloc(10);
free(ptr);
strcpy(ptr, "data");

Reason for vulnerability: Using memory after it has been freed, leading to undefined behavior.

Fixed Code:

cCopy codechar *ptr = malloc(10);
strcpy(ptr, "data");
free(ptr);
ptr = NULL;

Reason for fix: Set the pointer to NULL after freeing it to prevent use after free.

Example 2: C++

Vulnerable Code:

cppCopy codeint *ptr = new int[10];
delete[] ptr;
ptr[0] = 1;

Reason for vulnerability: Using memory after it has been freed, leading to undefined behavior.

Fixed Code:

cppCopy codeint *ptr = new int[10];
delete[] ptr;
ptr = nullptr;

Reason for fix: Set the pointer to nullptr after deleting it to prevent use after free.

Last updated 1 year ago