Return of Pointer Value Outside of Expected Range
Weakness ID: 466 (Weakness Base)Status: Draft
+ Description

Description Summary

A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference.
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms

Languages

C

C++

+ Potential Mitigations

Perform a value check on the returned pointer (e.g. value whithin expected range)

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness ClassWeakness Class20Improper Input Validation
Seven Pernicious Kingdoms (primary)700
ChildOfWeakness ClassWeakness Class119Failure to Constrain Operations within the Bounds of a Memory Buffer
Research Concepts (primary)1000
ChildOfCategoryCategory465Pointer Issues
Development Concepts (primary)699
ChildOfCategoryCategory738CERT C Secure Coding Section 04 - Integers (INT)
Weaknesses Addressed by the CERT C Secure Coding Standard (primary)734
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
7 Pernicious KingdomsIllegal Pointer Value
CERT C Secure CodingINT11-CTake care when converting from pointer to integer or integer to pointer
+ White Box Definitions

A weakness where code path has:

1. end statement that returns an address associated with a buffer where address is outside the buffer

2. start statement that computes a position into the buffer

+ Maintenance Notes

This entry should have a chaining relationship with CWE-119 instead of a parent / child relationship, however the focus of this weakness does not map cleanly to any existing entries in CWE. A new parent is being considered which covers the more generic problem of incorrect return values. There is also an abstract relationship to weaknesses in which one component sends incorrect messages to another component; in this case, one routine is sending an incorrect value to another.

+ Content History
Submissions
Submission DateSubmitterOrganizationSource
7 Pernicious KingdomsExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Potential Mitigations, Time of Introduction
2008-08-01KDM AnalyticsExternal
added/updated white box definitions
2008-09-08CWE Content TeamMITREInternal
updated Applicable Platforms, Relationships, Taxonomy Mappings
2008-11-24CWE Content TeamMITREInternal
updated Relationships, Taxonomy Mappings
2009-10-29CWE Content TeamMITREInternal
updated Maintenance Notes
Previous Entry Names
Change DatePrevious Entry Name
2008-04-11Illegal Pointer Value