Posted by: Pdfprep
Post Date: November 6, 2020
The following has been discovered in an internally developed application:
Error – Memory allocated but not freed:
char *myBuffer = malloc(BUFFER_SIZE);
if (myBuffer != NULL) {
*myBuffer = STRING_WELCOME_MESSAGE;
printf("Welcome to: %s\n", myBuffer);
}
exit(0);
Which of the following security assessment methods are likely to reveal this security weakness? (Select TWO).
A. Static code analysis
B. Memory dumping
C. Manual code review
D. Application sandboxing
E. Penetration testing
F. Black box testing
Answer: A, C