CWE-621: Variable Extraction Error
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product uses external input to determine the names of variables into which information is extracted, without verifying that the names of the specified variables are valid. This could cause the program to overwrite unintended variables.
常见后果
影响范围: Integrity
技术影响: Modify Application Data
说明: An attacker could modify sensitive data or program variables.
潜在缓解措施
阶段: Implementation
策略: Input Validation
描述: Use allowlists of variable names that can be extracted.
阶段: Implementation
描述: Consider refactoring your code to avoid extraction routines altogether.
阶段: Implementation
描述: In PHP, call extract() with options such as EXTR_SKIP and EXTR_PREFIX_ALL; call import_request_variables() with a prefix argument. Note that these capabilities are not present in all PHP versions.
观察示例
参考: CVE-2006-7135
extract issue enables file inclusion
参考: CVE-2006-7079
Chain: PHP app uses extract for register_globals compatibility layer (CWE-621), enabling path traversal (CWE-22)
参考: CVE-2007-0649
extract() buried in include files makes post-disclosure analysis confusing; original report had seemed incorrect.
参考: CVE-2006-6661
extract() enables static code injection
参考: CVE-2006-2828
import_request_variables() buried in include files makes post-disclosure analysis confusing
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |
适用平台
编程语言
分类映射
| 分类名称 | 条目ID | 条目名称 | 映射适配度 |
|---|---|---|---|
| Software Fault Patterns | SFP24 | Tainted input to command | - |