Pointer Subtraction
Description
The software subtracts one pointer from another to determine size, but this calculation can be incorrect if the pointers do not exist in the same memory chunk.
Examples
Insecure Code
c
size = (char *)ptr1 - (char *)ptr2;Secure Code
c
size = sizeof(struct example);Remediation
Ensure that pointers being subtracted exist in the same memory chunk or use a safer method to calculate size.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0264 |
| Category | Generic |
| Severity | MEDIUM |
| CWE | CWE-469 |
| Confidence | MEDIUM |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | |
| OWASP | N/A |