CWE-587 将一个固定地址复制给指针

Assignment of a Fixed Address to a Pointer

结构: Simple

Abstraction: Base

状态: Draft

被利用可能性: unkown


The software sets a pointer to a specific address other than NULL or 0.


Using a fixed address is not portable because that address will probably not be valid in all environments or platforms.


  • cwe_Nature: ChildOf cwe_CWE_ID: 344 cwe_View_ID: 1000 cwe_Ordinal: Primary

  • cwe_Nature: ChildOf cwe_CWE_ID: 758 cwe_View_ID: 1000


Language: [{'cwe_Name': 'C', 'cwe_Prevalence': 'Undetermined'}, {'cwe_Name': 'C++', 'cwe_Prevalence': 'Undetermined'}, {'cwe_Name': 'C#', 'cwe_Prevalence': 'Undetermined'}, {'cwe_Class': 'Assembly', 'cwe_Prevalence': 'Undetermined'}]


范围 影响 注释
['Integrity', 'Confidentiality', 'Availability'] Execute Unauthorized Code or Commands If one executes code at a known location, an attacker might be able to inject code there beforehand.
Availability DoS: Crash, Exit, or Restart If the code is ported to another platform or environment, the pointer is likely to be invalid and cause a crash.
['Confidentiality', 'Integrity'] ['Read Memory', 'Modify Memory'] The data at a known pointer location can be easily read or influenced by an attacker.




Never set a pointer to a fixed address.


This code assumes a particular function will always be found at a particular address. It assigns a pointer to that address and calls the function.

bad C

int (pt2Function) (float, char, char)=0x08040000;
int result2 = (
pt2Function) (12, 'a', 'b');
// Here we can inject code to execute.

The same function may not always be found at the same memory address. This could lead to a crash, or an attacker may alter the memory at the expected address, leading to arbitrary code execution.


映射的分类名 ImNode ID Fit Mapped Node Name
CERT C Secure Coding INT36-C Imprecise Converting a pointer to integer or integer to pointer
Software Fault Patterns SFP1 Glitch in computation