Why this matters
If memory allocation size is determined by untrusted input, attackers can exploit it to crash the program or cause excessive resource usage.
Check if memory allocation sizes are derived from untrusted input. Attackers may exploit this to crash the program or consume excessive resources. Recommend validating and limiting allocation sizes.
If memory allocation size is determined by untrusted input, attackers can exploit it to crash the program or cause excessive resource usage.
Side-by-side examples engineers can pattern-match during review.
def example():
limit = int(request.args.get('limit'))
data = '#' * limit # Noncompliantdef example():
limit = int(request.args.get('limit'))
restricted_limit = min(10, limit)
data = '#' * restricted_limitdef example():
limit = int(request.args.get('limit'))
data = '#' * limit # Noncompliantdef example():
limit = int(request.args.get('limit'))
restricted_limit = min(10, limit)
data = '#' * restricted_limitFrom the same buckets as this rule.