Status: Draft
Weakness ID: 131 (Weakness Base)

Description Summary
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

Potential Mitigations
Check the parameter types of your allocation function and the size of the memory unit.

Observed Examples
Relationships
Taxonomy Mappings
Applicable Platforms
Languages: C, C++

Time of Introduction
Implementation

Related Attack Patterns
Maintenance Notes
This is a broad category. Some examples include: (1) simple math errors, (2) incorrectly updating parallel counters, (3) not accounting for size differences when "transforming" one input to another format (e.g. URL canonicalization or other transformation that can generate a result that's larger than the original input, i.e. "expansion"). This level of detail is rarely available in public reports, so it is difficult to find good examples.

Content History
Submissions: PLOVER. (Externally Mined)
Modifications:
Eric Dalci. Cigital. 2008-07-01. (External) updated Potential_Mitigations, Time_of_Introduction
CWE Content Team. MITRE. 2008-09-08. (Internal) updated Applicable_Platforms, Maintenance_Notes, Relationships, Taxonomy_Mappings, Type
CWE Content Team. MITRE. 2008-10-14. (Internal) updated Relationships
Previous Entry Names: Other Length Calculation Error (changed 2008-01-30)
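
The two sizing mistakes this entry names, shown as an added C example that is not part of the CWE entry: passing an element count where the allocator expects bytes (the "size of the memory unit" in the mitigation), and sizing an output buffer from the input length when the transformation expands it. The function names and the choice of percent-encoding as the expanding transformation are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Memory-unit case: count is in elements, malloc() takes bytes.
 * Wrong: malloc(count), which allocates count bytes, not count ints.
 * Returns NULL if count * sizeof(int) would wrap around. */
int *alloc_int_array(size_t count)
{
    if (count == 0 || count > SIZE_MAX / sizeof(int))
        return NULL;
    return malloc(count * sizeof(int));
}

/* Expansion case: percent-encoding turns one input byte into up to
 * three output bytes ("%XX").
 * Wrong: malloc(strlen(in) + 1), sized for the input, not the output.
 * Caller frees the result; NULL on overflow or allocation failure. */
char *percent_encode(const char *in)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t len = strlen(in), o = 0;
    if (len > (SIZE_MAX - 1) / 3)   /* 3 * len + 1 would wrap */
        return NULL;
    char *out = malloc(3 * len + 1);
    if (out == NULL)
        return NULL;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)in[i];
        if (isalnum(c) || c == '-' || c == '.' || c == '_' || c == '~') {
            out[o++] = (char)c;
        } else {
            out[o++] = '%';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0F];
        }
    }
    out[o] = '\0';
    return out;
}

int main(void)
{
    char *enc = percent_encode("a b&c");   /* constructed sample input */
    if (enc) puts(enc);
    free(enc);
    return 0;
}
```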