Buffer Over-read

ID: 126
Date: (C) 2012-05-14   (M) 2022-10-10
Type: weakness
Status: DRAFT
Abstraction Type: Variant





Description

The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

Extended Description

This typically occurs when the pointer or its index is incremented to a position beyond the bounds of the buffer, or when pointer arithmetic results in a position outside of the valid memory location. This may result in exposure of sensitive information or possibly a crash.

Applicable Platforms
Language: C
Language: C++

Time Of Introduction

  • Implementation

Common Consequences

Scope: Confidentiality
Technical Impact: Read memory

Detection Methods
None

Potential Mitigations
None

Relationships
These problems may be resultant from missing sentinel values (CWE-463) or trusting a user-influenced input length variable.

Related CWE: CWE-126 ChildOf CWE-890
Type: Category
View: CWE-888

Demonstrative Examples

  1. In the following C/C++ example the method processMessageFromSocket() gets a message from a socket, places it into a buffer, and parses the contents of the buffer into a structure that contains the message length and the message body. A for loop is used to copy the message body into a local character string which will be passed to another method for processing. (Demonstrative Example Id DX-91)
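
The check that keeps such a copy inside the buffer, as an added example (not the CWE entry's own code): the length field taken from the message is compared against the bytes actually received and against the destination size before anything is copied. The function name copy_message_body, the 2-byte big-endian length header and the MESSAGE_SIZE value are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HEADER_LEN   2   /* assumed wire format: 2-byte big-endian body length */
#define MESSAGE_SIZE 16  /* assumed capacity of the local message string */

/* Copy the message body into out as a NUL-terminated string.
 * received is the byte count the socket read actually returned.
 * Returns the body length, or -1 when the declared length is not usable. */
int copy_message_body(const unsigned char *buf, size_t received,
                      char *out, size_t out_cap)
{
    if (buf == NULL || out == NULL || out_cap == 0 || received < HEADER_LEN)
        return -1;
    size_t declared  = ((size_t)buf[0] << 8) | buf[1];
    size_t available = received - HEADER_LEN;
    if (declared > available)   /* copy loop would read past the received data */
        return -1;
    if (declared >= out_cap)    /* no room for the body plus the terminator */
        return -1;
    memcpy(out, buf + HEADER_LEN, declared);
    out[declared] = '\0';
    return (int)declared;
}

/* Constructed sample: header says 5 bytes and 5 body bytes were received. */
int demo_consistent(char *out, size_t cap)
{
    const unsigned char msg[] = { 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' };
    return copy_message_body(msg, sizeof msg, out, cap);
}

/* Constructed sample: header claims 0x0400 bytes, only 2 body bytes arrived. */
int demo_overstated(char *out, size_t cap)
{
    const unsigned char msg[] = { 0x04, 0x00, 'h', 'i' };
    return copy_message_body(msg, sizeof msg, out, cap);
}

int main(void)
{
    char message[MESSAGE_SIZE];
    printf("consistent: %d\n", demo_consistent(message, sizeof message));
    printf("overstated: %d\n", demo_overstated(message, sizeof message));
    return 0;
}
```

Without the comparison against the received byte count, a copy loop bounded only by the message's own length field continues into whatever memory follows the receive buffer.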

White Box Definitions
None

Black Box Definitions
None

Taxonomy Mappings

Taxonomy: PLOVER
Name: Buffer over-read

References:
None

CVE    10
CVE-2021-1373
CVE-2021-34302
CVE-2021-34299
CVE-2021-34321
...

© SecPod Technologies