|
|
|
|
CWE-588: Attempt to Access Child of a Non-structure Pointer | |
| | Attempt to Access Child of a Non-structure Pointer |
|
| Weakness ID: 588 (Weakness Variant) | | Status: Incomplete |
 Description
Description Summary Casting a non-structure type to a structure type and accessing
a field can lead to memory access errors or data
corruption.
Time of Introduction
- Architecture and Design
- Implementation
Common Consequences | Scope | Effect |
|---|
Integrity | Adjacent variables in memory may be corrupted by assignments performed
on fields after the cast. |
Availability | Execution may end due to a memory access error. |
Demonstrative Examples Example 1 (Bad Code) C struct foo { } ... int main(int argc, char **argv) {
*foo = (struct foo *)main;
foo->i = 2;
return foo->i;
} Potential Mitigations | Phase | Description |
|---|
| Requirements specification: The choice could be made to use a language
that is not susceptible to these issues. |
Implementation | Review of type casting operations can identify locations where
incompatible types are cast. |
Relationships Content History | Modifications |
|---|
| Modification Date | Modifier | Organization | Source |
|---|
| 2008-07-01 | Eric Dalci | Cigital | External | | updated Time of Introduction | | 2008-09-08 | CWE Content Team | MITRE | Internal | | updated Relationships, Other Notes | | 2009-03-10 | CWE Content Team | MITRE | Internal | | updated Relationships | | 2009-07-27 | CWE Content Team | MITRE | Internal | | updated Common Consequences,
Other Notes |
|
