CWE-806: Buffer Access Using Size of Source Buffer
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product uses the size of a source buffer when reading from or writing to a destination buffer, which may cause it to access memory that is outside of the bounds of the buffer.
扩展描述
When the size of the destination is smaller than the size of the source, a buffer overflow could occur.
常见后果
影响范围: Availability
技术影响: Modify Memory DoS: Crash, Exit, or Restart DoS: Resource Consumption (CPU)
说明: Buffer overflows generally lead to crashes. Other attacks leading to lack of availability are possible, including putting the program into an infinite loop.
影响范围: Integrity Confidentiality Availability
技术影响: Read Memory Modify Memory Execute Unauthorized Code or Commands
说明: Buffer overflows often can be used to execute arbitrary code, which is usually outside the scope of a program's implicit security policy.
影响范围: Access Control
技术影响: Bypass Protection Mechanism
说明: When the consequence is arbitrary code execution, this can often be used to subvert any other security service.
潜在缓解措施
阶段: Architecture and Design
描述: Use an abstraction library to abstract away risky APIs. Examples include the Safe C String Library (SafeStr) by Viega, and the Strsafe.h library from Microsoft. This is not a complete solution, since many buffer overflows are not related to strings.
阶段: Operation Build and Compilation
策略: Environment Hardening
有效性: Defense in Depth
阶段: Implementation
描述: Programmers should adhere to the following rules when allocating and managing their applications memory: Double check that your buffer is as large as you specify. When using functions that accept a number of bytes to copy, such as strncpy(), be aware that if the destination buffer size is equal to the source buffer size, it may not NULL-terminate the string. Check buffer boundaries if calling this function in a loop and make sure there is no danger of writing past the allocated space. Truncate all input strings to a reasonable length before passing them to the copy and concatenation functions.
阶段: Operation Build and Compilation
策略: Environment Hardening
有效性: Defense in Depth
阶段: Operation
策略: Environment Hardening
有效性: Defense in Depth
阶段: Build and Compilation Operation
描述: Most mitigating technologies at the compiler or OS level to date address only a subset of buffer overflow problems and rarely provide complete protection against even that subset. It is good practice to implement strategies to increase the workload of an attacker, such as leaving the attacker to guess an unknown value that changes every program execution.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |