Buffer Over-read
Weakness ID: 126 (Weakness Variant) | Status: Draft
Description Summary
The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
Extended Description
This typically occurs when the pointer or its index is incremented to a position beyond the bounds of the buffer, or when pointer arithmetic results in a position outside of the valid memory location, among other causes. This may result in exposure of sensitive information or possibly a crash.
Ordinality | Description |
---|---|
Primary | (where the weakness exists independent of other weaknesses) |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | Weakness Base | 125 | Out-of-bounds Read | Development Concepts (699), Research Concepts (1000) |
ChildOf | Weakness Base | 788 | Access of Memory Location After End of Buffer | Development Concepts (primary) (699), Research Concepts (primary) (1000) |
CanFollow | Weakness Base | 170 | Improper Null Termination | Research Concepts (1000) |
These problems may be resultant from missing sentinel values (CWE-463) or trusting a user-influenced input length variable.
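The note above names a trusted, user-influenced length as one cause. The C code below is an added example, not part of the CWE entry; the struct layout, function names and sample values are constructed for illustration. It shows the weak length handling beside a bounds-checked form.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout: the targeted buffer and unrelated data share one
 * object, so the over-read below stays inside the struct (defined in C). */
struct session {
    char payload[4];   /* the targeted buffer */
    char secret[16];   /* adjacent memory the peer must never receive */
};

/* Constructed sample data (hypothetical values). */
struct session demo_session(void)
{
    struct session s = { {'p', 'i', 'n', 'g'}, "API-KEY-1234" };
    return s;
}

/* Weak form: copies as many bytes as the peer claims to have sent. */
size_t echo_unchecked(const struct session *s, size_t claimed_len,
                      char *out, size_t out_cap)
{
    if (claimed_len > out_cap || claimed_len > sizeof *s)
        return 0;              /* demo guard only: stay inside one object */
    memcpy(out, (const char *)s, claimed_len);   /* runs past payload[] */
    return claimed_len;
}

/* Hardened form: the claimed length is checked against the number of
 * bytes actually received and against the buffer's own size. */
size_t echo_checked(const struct session *s, size_t received_len,
                    size_t claimed_len, char *out, size_t out_cap)
{
    if (received_len > sizeof s->payload || claimed_len > received_len
        || claimed_len > out_cap)
        return 0;              /* reject instead of reading past the end */
    memcpy(out, s->payload, claimed_len);
    return claimed_len;
}

int main(void)
{
    struct session s = demo_session();
    char out[32];
    size_t n = echo_unchecked(&s, 16, out, sizeof out);
    size_t m = echo_checked(&s, 4, 16, out, sizeof out);
    printf("unchecked=%zu (%.*s) checked=%zu\n", n, (int)n, out, m);
    return 0;
}
```

With a 4-byte payload and a claimed length of 16, the unchecked path returns the payload followed by 12 bytes of the adjacent field, while the checked path returns nothing.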
Submissions
Submission Date | Submitter | Organization | Source |
---|---|---|---|
 | PLOVER | | Externally Mined |

Modifications
Modification Date | Modifier | Organization | Source | |
---|---|---|---|---|
2008-09-08 | CWE Content Team | MITRE | Internal | updated Applicable Platforms, Relationships, Taxonomy Mappings, Weakness Ordinalities |
2009-10-29 | CWE Content Team | MITRE | Internal | updated Description, Relationship Notes, Relationships |