>_

security/memory-safety

Memory Safety security skill

$ 安裝

git clone https://github.com/mgreenly/ikigai /tmp/ikigai && cp -r /tmp/ikigai/.claude/library/security/memory-safety ~/.claude/skills/ikigai

// tip: Run this command in your terminal to install the skill

SKILL.md
View on GitHub →

name: security/memory-safety description: Memory Safety security skill

Memory Safety

C's primary vulnerability class. Buffer overflows, use-after-free, and integer issues remain the top attack vectors in native code.

ikigai Application

talloc mitigates but doesn't eliminate: Hierarchical ownership prevents leaks but not overflows or UAF within a context's lifetime.

Critical patterns:

  • Bounds check ALL array access before use
  • Validate sizes before allocation: if (n > SIZE_MAX / elem_size) return ERR(...)
  • Never trust size values from external sources
  • Use talloc_array() not manual multiplication

Integer overflow risks:

  • size_t multiplication for buffer sizes
  • Signed/unsigned conversion in comparisons
  • Off-by-one in loop bounds

Detection tools:

  • ASan (make BUILD=sanitize) - buffer overflow, UAF
  • UBSan - undefined behavior, integer overflow
  • Valgrind - memory errors, leaks

Review red flags: Manual pointer arithmetic, memcpy with computed sizes, array indexing without bounds check.

Repository

mgreenly
mgreenly
Author
mgreenly/ikigai/.claude/library/security/memory-safety
1
Stars
0
Forks
Updated3d ago
Added1w ago

Actions

View on GitHubDownload ZIPReport Issue

Related Skills

payload
payloadcms/payload
39.0k
creating-financial-models
anthropics/claude-cookbooks
28.3k
cookbook-audit
anthropics/claude-cookbooks
28.3k
doc-coauthoring
anthropics/skills
24.5k
webapp-testing
anthropics/skills
24.5k