CWE-761
Free of Pointer not at Start of Buffer
Incomplete
2009-05-27
00h00 +00:00
00h00 +00:00
2026-04-30
00h00 +00:00
00h00 +00:00
Benachrichtigungen für ein CWE
Bleiben Sie über alle Änderungen zu einem bestimmten CWE informiert.
Name: Free of Pointer not at Start of Buffer
The product calls free() on a pointer to a memory resource that was allocated on the heap, but the pointer is not at the start of the buffer.
Allgemeine Informationen
Einführungsmodi
ImplementationAnwendbare Plattformen
Sprache
Class: Memory-Unsafe (Often)Name: C (Undetermined)
Häufige Konsequenzen
| Bereich | Auswirkung | Wahrscheinlichkeit |
|---|---|---|
| Integrity Availability Confidentiality | Modify Memory, DoS: Crash, Exit, or Restart, Execute Unauthorized Code or Commands |
Beobachtete Beispiele
| Referenzen | Beschreibung |
|---|---|
CVE-2019-11930 | function "internally calls 'calloc' and returns a pointer at an index... inside the allocated buffer. This led to freeing invalid memory." |
Mögliche Gegenmaßnahmen
Phases : ImplementationWhen utilizing pointer arithmetic to traverse a buffer, use a separate variable to track progress through memory and preserve the originally allocated address for later freeing.
Phases : Implementation
When programming in C++, consider using smart pointers provided by the boost library to help correctly and consistently manage memory.
Phases : Architecture and Design
Phases : Architecture and Design
Use a language that provides abstractions for memory allocation and deallocation.
Erkennungsmethoden
Automated Dynamic Analysis
Use tools that are integrated during compilation to insert runtime error-checking mechanisms related to memory safety errors, such as AddressSanitizer (ASan) for C/C++ [REF-1518] or valgrind [REF-480].Wirksamkeit : Moderate
Hinweise zur Schwachstellen-Zuordnung
Begründung : This CWE entry is at the Variant level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Kommentar : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Hinweise
Currently, CWE-763 is the parent, however it may be desirable to have an intermediate parent which is not function-specific, similar to how CWE-762 is an intermediate parent between CWE-763 and CWE-590.Referenzen
REF-657
boost C++ Library Smart Pointershttps://www.boost.org/doc/libs/1_38_0/libs/smart_ptr/smart_ptr.htm
REF-480
Valgrindhttps://valgrind.org/
REF-1518
AddressSanitizerhttps://clang.llvm.org/docs/AddressSanitizer.html
Einreichung
| Name | Organisation | Datum | Veröffentlichungsdatum | Version |
|---|---|---|---|---|
| CWE Content Team | MITRE | 1.4 |
Änderungen
| Name | Organisation | Datum | Kommentar |
|---|---|---|---|
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Demonstrative_Examples, Relationships | |
| CWE Content Team | MITRE | updated Potential_Mitigations | |
| CWE Content Team | MITRE | updated Potential_Mitigations | |
| CWE Content Team | MITRE | updated Relationships, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Observed_Examples | |
| CWE Content Team | MITRE | updated Description | |
| CWE Content Team | MITRE | updated References, Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Functional_Areas, References | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Detection_Factors, Potential_Mitigations, References, Weakness_Ordinalities | |
| CWE Content Team | MITRE | updated Detection_Factors |
