Claude-skill-registry detecting-double-free
Detects double free vulnerabilities by identifying attempts to free the same memory block twice. Use when analyzing memory management, cleanup paths, or investigating heap corruption issues.
install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/detecting-double-free" ~/.claude/skills/majiayu000-claude-skill-registry-detecting-double-free && rm -rf "$T"
manifest:
skills/data/detecting-double-free/SKILL.mdsource content
Double Free Detection
Detection Workflow
- Identify free operations: Find all free() and delete/delete[] calls, note the pointers being freed
- Track pointer usage: Use
to trace pointers and identify pointer aliasesxrefs_to - Analyze control flow: Map all code paths to free(), check for multiple free() calls on same pointer
- Assess exploitability: Can attacker trigger double free? Is there useful heap corruption?
Key Patterns
- Direct double free: free() called twice on same pointer
- Conditional double free: free() in multiple code paths
- Indirect double free: freeing same memory through different pointers
- Reference counting issues
Output Format
Report with: id, type, subtype, severity, confidence, location, freed pointer, first free, second free, double free path, exploitability, attack scenario, impact, mitigation.
Severity Guidelines
- CRITICAL: Double free with code execution potential
- HIGH: Double free causing heap corruption
- MEDIUM: Double free causing crashes
- LOW: Double free with limited impact
See Also
- Detailed detection patterns and exploitation scenariospatterns.md
- Example analysis cases and code samplesexamples.md
- CWE references and mitigation strategiesreferences.md