|
Status: Draft Weakness ID: 587 (Weakness Base)Description Summary The software sets a pointer to a specific address other than NULL or 0. Extended Description If the pointer is set to a specific address, that address will probably not be valid in all environments or platforms. Weakness Ordinalities Primary (where the weakness exists independent of other weaknesses) Potential Mitigations Implementation Never set a pointer to a fixed address. Demonstrative Examples C Example: int (*pt2Function) (float, char, char)=0x08040000; int result2 = (*pt2Function) (12, 'a', 'b'); // Here we can inject code to execute.
Other Notes Consequence: Integrity: If one executes code at a known location, one might be able to inject code there beforehand. Consequence: Confidentiality: The data at a known pointer location can be easily read. Most often, this issue will only result in a crash, but in circumstances where a user can influence the data at which the pointer points to, it may result in code execution. At best, using fixed addresses is not portable. Relationships
Taxonomy Mappings
Applicable Platforms Languages C C++ C# Assembly Time of Introduction Architecture and Design ImplementationWhite Box Definitions A weakness where code path has: 1. end statement that assigns an address to a pointer 2. start statement that defines the address and the address is a literal value Content History Modifications Eric Dalci. Cigital. 2008-07-01. (External) updated Time_of_Introduction KDM Analytics. 2008-08-01. (External) added/updated white box definitions CWE Content Team. MITRE. 2008-09-08. (Internal) updated Applicable_Platforms, Description, Relationships, Other_Notes, Weakness_Ordinalities CWE Content Team. MITRE. 2008-11-24. (Internal) updated Relationships, Taxonomy_Mappings |
|
|
|||