CWE-588: Attempt to Access Child of a Non-structure Pointer

Variant Incomplete Simple

CWE Version: 4.18

Updated: 2025-09-09

Weakness Description

Casting a non-structure type to a structure type and accessing a field can lead to memory access errors or data corruption.

Common Consequences

Scope: Integrity

Technical Impact: Modify Memory

Note: Adjacent variables in memory may be corrupted by assignments performed on fields after the cast.

Scope: Availability

Technical Impact: DoS: Crash, Exit, or Restart

Note: Execution may end due to a memory access error.

Potential Mitigations

Phase: Requirements

Description: The choice could be made to use a language that is not susceptible to these issues.

Phase: Implementation

Description: Review of type casting operations can identify locations where incompatible types are cast.
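
The cast described above, next to a checked alternative, as an added C example that is not part of the CWE entry. `struct point`, `struct value` and both function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

struct point { int x; int y; };

enum kind { KIND_INT, KIND_POINT };

/* Tagged container (constructed for this example): the tag records
 * which union member is live, so the type survives a generic pointer. */
struct value {
    enum kind kind;
    union { int i; struct point pt; } u;
};

/* Weak form (CWE-588): assumes p addresses a struct point. If p really
 * addresses a lone int, ->y sits at offsetof(struct point, y), past the
 * end of that int, so the store lands in whatever is adjacent. */
void set_y_unchecked(void *p, int v)
{
    ((struct point *)p)->y = v;
}

/* Hardened form: the field is reachable only when the tag says the
 * object is a struct point; anything else is rejected, not reinterpreted. */
int set_y_checked(struct value *val, int v)
{
    if (val == NULL || val->kind != KIND_POINT)
        return -1;
    val->u.pt.y = v;
    return 0;
}

int main(void)
{
    struct value n = { KIND_INT,   { .i  = 7 } };
    struct value p = { KIND_POINT, { .pt = { 1, 2 } } };
    struct point ok = { 0, 0 };

    set_y_unchecked(&ok, 5);            /* valid: ok is a struct point */
    /* int lone = 7; set_y_unchecked(&lone, 5);
     * compiles without a diagnostic but writes past the end of lone
     * (undefined behaviour), so it is left commented out here. */
    printf("unchecked on struct: y=%d\n", ok.y);
    printf("checked on int:   rc=%d\n", set_y_checked(&n, 99));
    printf("checked on point: rc=%d y=%d\n", set_y_checked(&p, 99), p.u.pt.y);
    return 0;
}
```

The `void *` parameter is what hides the mismatch from the compiler, which is why the review mitigation targets cast sites.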

Observed Examples

Reference: CVE-2021-3510

JSON decoder accesses a C union using an invalid offset to an object

Modes of Introduction

Phase | Note
Implementation | -

Taxonomy Mappings

Taxonomy Name | Entry ID | Entry Name | Mapping Fit
Software Fault Patterns | SFP7 | Faulty Pointer Use | -

Key Information

CWE ID: CWE-588

Abstraction: Variant

Structure: Simple

Status: Incomplete

Related Weaknesses