CWE-622: Improper Validation of Function Hook Arguments
CWE version: 4.18
Last updated: 2025-09-09
Description
The product adds hooks to user-accessible API functions, but it does not properly validate the arguments. This could lead to resultant vulnerabilities.
Extended Description
Such hooks can be used in defensive software that runs with privileges, such as anti-virus or firewall, which hooks kernel calls. When the arguments are not validated, they could be used to bypass the protection scheme or attack the product itself.
Common Consequences
Scope: Integrity
Technical Impact: Unexpected State
Potential Mitigations
Phase: Architecture and Design
Description: Ensure that all arguments are verified, as defined by the API you are protecting.
Phase: Architecture and Design
Description: Drop privileges before invoking such functions, if possible.
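The following C example is added here to illustrate the first mitigation; it is not part of the CWE entry and does not reproduce any of the products referenced below. It assumes a constructed, privileged monitor that hooks a write-style API: the caller supplies a request structure, and the hook must check every field (non-NULL pointers, a type tag, and fd/length bounds) before it inspects the buffer or forwards the call. The names `write_request`, `real_write`, the `BLOCKED` policy marker and the limits are all invented for this example. An unvalidated hook is shown for contrast: it reads the buffer before knowing whether the request is well formed, which is exactly how a NULL or undersized argument turns a protection hook into a crash.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed limits for the hypothetical API being protected. */
#define REQ_MAGIC 0x57524551u   /* type tag the hook expects on every request */
#define FD_LIMIT  1024
#define LEN_LIMIT 4096

typedef struct {
    uint32_t    magic;   /* must equal REQ_MAGIC: guards against wrong-type arguments */
    int         fd;
    const void *buf;
    size_t      len;
} write_request;

/* Negative codes so they never collide with a byte count from real_write(). */
enum hook_result {
    HOOK_ALLOW         =  0,
    HOOK_REJECT_NULL   = -1,  /* NULL request or NULL buffer with non-zero length */
    HOOK_REJECT_TYPE   = -2,  /* argument is not the expected structure type */
    HOOK_REJECT_RANGE  = -3,  /* fd or length outside the API's defined limits */
    HOOK_DENY_BLOCKED  = -4   /* arguments valid, but the protection policy says no */
};

/* The real API the hook sits in front of; here it just reports bytes "written". */
static long real_write(const write_request *req) {
    return (long)req->len;
}

/* Policy check: deny payloads that start with the constructed marker "BLOCKED".
 * Safe only once req->buf and req->len have been validated. */
static int policy_blocks(const write_request *req) {
    static const char marker[] = "BLOCKED";
    size_t n = sizeof marker - 1;
    return req->len >= n && memcmp(req->buf, marker, n) == 0;
}

/* Vulnerable hook (CWE-622): inspects the buffer without validating the request.
 * A NULL request dereferences NULL; a short buffer is over-read by memcmp.
 * Kept for contrast; this example only ever calls it with a valid request. */
static long unsafe_hook_write(const write_request *req) {
    if (memcmp(req->buf, "BLOCKED", 7) == 0)
        return HOOK_DENY_BLOCKED;
    return real_write(req);
}

/* Validation "as defined by the API you are protecting": every field is
 * checked before anything in the request is dereferenced or trusted. */
static enum hook_result validate_request(const write_request *req) {
    if (req == NULL)                               return HOOK_REJECT_NULL;
    if (req->magic != REQ_MAGIC)                   return HOOK_REJECT_TYPE;
    if (req->len > 0 && req->buf == NULL)          return HOOK_REJECT_NULL;
    if (req->fd < 0 || req->fd >= FD_LIMIT)        return HOOK_REJECT_RANGE;
    if (req->len > LEN_LIMIT)                      return HOOK_REJECT_RANGE;
    return HOOK_ALLOW;
}

/* Hardened hook: refuse malformed arguments first, apply policy second,
 * and only then hand a known-good request to the real function. */
static long safe_hook_write(const write_request *req) {
    enum hook_result r = validate_request(req);
    if (r != HOOK_ALLOW)
        return (long)r;
    if (policy_blocks(req))
        return HOOK_DENY_BLOCKED;
    return real_write(req);
}

/* Helper for building well-formed requests from a string payload. */
static write_request make_request(int fd, const char *payload) {
    write_request req = { REQ_MAGIC, fd, payload, strlen(payload) };
    return req;
}

int main(void) {
    write_request ok = make_request(3, "hello");
    return safe_hook_write(&ok) == 5 ? 0 : 1;
}
```

The ordering inside `safe_hook_write` is the point: type and NULL checks come before any field is read, range checks come before the buffer is touched, and the policy check runs last on arguments already known to be in-bounds. Rejection codes are distinct from the forwarded result so the caller cannot mistake a refused call for a successful one.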
Observed Examples
Reference: CVE-2007-0708
DoS in firewall using standard Microsoft functions
Reference: CVE-2006-7160
DoS in firewall using standard Microsoft functions
Reference: CVE-2007-1376
function does not verify that its argument is the proper type, leading to arbitrary memory write
Reference: CVE-2007-1220
invalid syscall arguments bypass code execution limits
Reference: CVE-2006-4541
DoS in IDS via NULL argument
Modes of Introduction
| Phase | Note |
|---|---|
| Implementation | - |
Applicable Platforms
Languages
Taxonomy Mappings
| Taxonomy Name | Node ID | Mapped Node Name | Mapped Fit |
|---|---|---|---|
| Software Fault Patterns | SFP27 | Tainted input to environment | - |