CWE-587 将一个固定地址复制给指针

admin 2021年11月21日19:08:08CWE(弱点枚举)评论53 views1671字阅读5分34秒阅读模式

CWE-587 将一个固定地址复制给指针

Assignment of a Fixed Address to a Pointer

结构: Simple

Abstraction: Base

状态: Draft

被利用可能性: unkown

基本描述

The software sets a pointer to a specific address other than NULL or 0.

扩展描述

Using a fixed address is not portable because that address will probably not be valid in all environments or platforms.

相关缺陷

  • cwe_Nature: ChildOf cwe_CWE_ID: 344 cwe_View_ID: 1000 cwe_Ordinal: Primary

  • cwe_Nature: ChildOf cwe_CWE_ID: 758 cwe_View_ID: 1000

适用平台

Language: [{'cwe_Name': 'C', 'cwe_Prevalence': 'Undetermined'}, {'cwe_Name': 'C++', 'cwe_Prevalence': 'Undetermined'}, {'cwe_Name': 'C#', 'cwe_Prevalence': 'Undetermined'}, {'cwe_Class': 'Assembly', 'cwe_Prevalence': 'Undetermined'}]

常见的影响

范围 影响 注释
['Integrity', 'Confidentiality', 'Availability'] Execute Unauthorized Code or Commands If one executes code at a known location, an attacker might be able to inject code there beforehand.
Availability DoS: Crash, Exit, or Restart If the code is ported to another platform or environment, the pointer is likely to be invalid and cause a crash.
['Confidentiality', 'Integrity'] ['Read Memory', 'Modify Memory'] The data at a known pointer location can be easily read or influenced by an attacker.

可能的缓解方案

Implementation

策略:

Never set a pointer to a fixed address.

示例代码

This code assumes a particular function will always be found at a particular address. It assigns a pointer to that address and calls the function.

bad C

int (pt2Function) (float, char, char)=0x08040000;
int result2 = (
pt2Function) (12, 'a', 'b');
// Here we can inject code to execute.

The same function may not always be found at the same memory address. This could lead to a crash, or an attacker may alter the memory at the expected address, leading to arbitrary code execution.

分类映射

映射的分类名 ImNode ID Fit Mapped Node Name
CERT C Secure Coding INT36-C Imprecise Converting a pointer to integer or integer to pointer
Software Fault Patterns SFP1 Glitch in computation

文章来源于互联网:scap中文网

特别标注: 本站(CN-SEC.COM)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
  • 我的微信
  • 微信扫一扫
  • weinxin
  • 我的微信公众号
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2021年11月21日19:08:08
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                  CWE-587 将一个固定地址复制给指针 http://cn-sec.com/archives/613459.html

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: