Example 57 Use of pointer after free
When code references memory through a pointer that has already been freed, cadvise reports the access as a potential Use After Free case.
For example, see the following code:
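#include <stdlib.h>
#include <string.h>

void use_after_free ()
{
    char *p = malloc (20);
    strcpy (p, "hello");
    free (p);       /* p is released here */
    *p = 'c';       /* write through the freed pointer */
}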
In such cases, cadvise generates the following error:
"free.c", line 5, procedure use_after_free: warning
Example 58 Allocator/deallocator mismatch
Cadvise flags situations where memory has been allocated through one type of allocator, such as malloc, but is freed with an unmatched deallocator, such as delete. This issue is particularly important in C++ applications where memory is allocated with the array form of operator new but released with plain delete instead of array delete.
For example, see the following code:
#include <malloc.h>

void free1 ()
{
    int i;
    char* p = new char(10);   // allocated with operator new
    free (p);                 // released with free(): mismatch
}
In such cases, cadvise generates the following warning:
"mismatch1.cpp", line 8, procedure free1: warning
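The following is an added example, not part of the cadvise documentation: corrected forms of Examples 57 and 58 in which the owning type fixes the deallocator, so the pairing cannot be mismatched and the buffer is released exactly once at end of scope. The names FreeDeleter, MallocBuf and the three functions are hypothetical.

```cpp
#include <cstdlib>
#include <cstring>
#include <memory>
#include <string>

// Deleter that pairs malloc-family memory with free().
struct FreeDeleter {
    void operator()(void *p) const noexcept { std::free(p); }
};
using MallocBuf = std::unique_ptr<char, FreeDeleter>;

// Example 57 corrected: every write happens while the buffer is still
// owned; free() runs once, when buf goes out of scope.
std::string edit_before_release() {
    MallocBuf buf(static_cast<char *>(std::malloc(20)));
    if (!buf) return std::string();      // allocation failed
    std::strcpy(buf.get(), "hello");
    *buf.get() = 'c';                    // write precedes the release
    return std::string(buf.get());       // copy out, then buf is freed
}

// Array new is owned by unique_ptr<char[]>, whose default deleter
// calls delete[] rather than delete or free().
std::size_t array_new_paired() {
    std::unique_ptr<char[]> p(new char[10]());   // 10 zeroed chars
    std::strcpy(p.get(), "mismatch");            // 8 chars + NUL fits
    return std::strlen(p.get());
}

// Example 58 corrected: new char(10) creates ONE char with value 10
// (not an array of 10), so it pairs with scalar delete.
char scalar_new_paired() {
    std::unique_ptr<char> p(new char(10));
    return *p;
}

int main() {
    bool ok = edit_before_release() == "cello"
           && array_new_paired() == 8
           && scalar_new_paired() == 10;
    return ok ? 0 : 1;
}
```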