Détail du CWE-188

The product makes invalid assumptions about how protocol data or memory is organized at a lower level, resulting in unintended program behavior.

When changing platforms or protocol versions, in-memory organization of data may change in unintended ways. For example, some architectures may place local variables A and B right next to each other with A on top; some may place them next to each other with B on top; and others may add some padding to each. The padding size may vary to ensure that each variable is aligned to a proper word size.

In protocol implementations, it is common to calculate an offset relative to another field to pick out a specific piece of data. Exceptional conditions, often involving new protocol versions, may add corner cases that change the data layout in an unusual way. The result can be that an implementation accesses an unintended field in the packet, treating data of one type as data of another type.

Modes d'introduction

Implementation

Plateformes applicables

Langue

Name: C (Undetermined)
Name: C++ (Undetermined)

Conséquences courantes

Mesures d’atténuation potentielles

Phases : Implementation // Architecture and Design
In flat address space situations, never allow computing memory addresses as offsets from another memory address.
Phases : Architecture and Design
Fully specify protocol layout unambiguously, providing a structured grammar (e.g., a compilable yacc grammar).
Phases : Testing
Testing: Test that the implementation properly handles each case in the protocol grammar.

Méthodes de détection

Fuzzing

Fuzz testing (fuzzing) is a powerful technique for generating large numbers of diverse inputs - either randomly or algorithmically - and dynamically invoking the code with those inputs. Even with random inputs, it is often capable of generating unexpected results such as crashes, memory corruption, or resource consumption. Fuzzing effectively produces repeatable test cases that clearly indicate bugs, which helps developers to diagnose the issues.
Efficacité : High

Notes de cartographie des vulnérabilités

Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Commentaire : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Références

REF-62

The Art of Software Security Assessment
Mark Dowd, John McDonald, Justin Schuh.

REF-18

The CLASP Application Security Process
Secure Software, Inc..
https://cwe.mitre.org/documents/sources/TheCLASPApplicationSecurityProcess.pdf

Soumission

Modifications