| title | description | ms.date | f1_keywords | helpviewer_keywords | |||
|---|---|---|---|---|---|---|---|
Warning C26831 |
Describes the Microsoft C/C++ code analysis warning C26831, its causes, and how to address it. |
03/20/2023 |
|
|
Allocation size might be the result of a numerical overflow
This warning reports that the size specified for an allocation may be the result of a numerical overflow. For example:
void *SmallAlloc(int);
void foo(int i, int j)
{
int* p = (int*)SmallAlloc(i + j); // Warning: C26831
p[i] = 5;
}If i+j overflows, SmallAlloc returns a buffer that is smaller than expected. That will likely lead to out of bounds attempts to access the buffer later on. This code pattern can result in remote code execution vulnerabilities.
The check applies to common allocation functions like new, malloc, and VirtualAlloc. The check also applies to custom allocator functions that have alloc (case insensitive) in the function name.
This check sometimes fails to recognize that certain checks can prevent overflows because the check is conservative.
This warning is available in Visual Studio 2022 version 17.7 and later versions.
To fix the previous code example in which i+j might overflow, introduce a check to make sure it won't. For example:
void *SmallAlloc(int);
void foo(int i, int j)
{
if (i < 0 || j < 0 )
{
return;
}
if (i > 100 || j > 100)
{
return;
}
int* p = (int*)SmallAlloc(i + j);
p[i] = 5;
}