CWE-128 Wrap-around Error: vulnerability list (1)

Summary of the 1 CVE vulnerability associated with the CWE-128 Wrap-around Error weakness class, with AI-generated Chinese analysis.

CWE-128 belongs to the integer overflow class of vulnerabilities: when a value is incremented past the maximum of its type, it wraps around to a very small, negative, or undefined value. Attackers commonly exploit this defect to bypass length checks or to force an undersized memory allocation, which in turn leads to buffer overflows and other serious consequences. Developers should avoid using unsigned integers for bounds calculations, use safe libraries or explicitly check for overflow conditions, and make sure that numeric handling logic is rigorous and secure.

MITRE CWE official description
CWE-128 Wrap-around Error: a wrap-around error occurs whenever a value is incremented past the maximum value for its type, causing the value to "wrap around" to a very small, negative, or undefined value.
Common consequences (3)

Scope: Availability
Impact: DoS: Crash, Exit, or Restart; DoS: Resource Consumption (CPU); DoS: Resource Consumption (Memory); DoS: Instability
Note: This weakness will generally lead to undefined behavior and therefore crashes. In the case of overflows involving loop index variables, the likelihood of infinite loops is also high.

Scope: Integrity
Impact: Modify Memory
Note: If the value in question is important to data (as opposed to flow), simple data corruption has occurred. Also, if the wrap-around results in other conditions such as buffer overflows, further memory corruption may occur.

Scope: Confidentiality, Availability, Access Control
Impact: Execute Unauthorized Code or Commands; Bypass Protection Mechanism
Note: This weakness can sometimes trigger buffer overflows which can be used to execute arbitrary code. This is usually outside the scope of a program's implicit security policy.
Mitigations (3)

Phase: Requirements (specification). The choice could be made to use a language that is not susceptible to these issues.
Phase: Architecture and Design. Provide clear upper and lower bounds on the scale of any protocols designed.
Phase: Implementation. Perform validation on all incremented variables to ensure that they remain within reasonable bounds.
Code examples (1)

The following image processing code allocates a table for images. The element count comes from an external source and is multiplied by the element size without any check, so a large or negative count wraps the size passed to malloc and yields a table far smaller than the number of images that will be written into it.

Bad example (C):

    img_t *table_ptr;   /* struct containing img data, 10kB each */
    int num_imgs;
    ...
    num_imgs = get_num_imgs();
    /* sizeof(img_t) * num_imgs can wrap before malloc sees it */
    table_ptr = (img_t*)malloc(sizeof(img_t) * num_imgs);
    ...
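As an added illustration that is not part of the MITRE example above, the following C code reproduces the wrapped size computation with a 32-bit size type and shows a checked replacement for the allocation; the img_t layout, the count 419431, and the function names are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for the page's img_t: about 10 kB of image data per entry. */
typedef struct { unsigned char pixels[10 * 1024]; } img_t;

/* Reproduces the flawed size computation as it behaves with a 32-bit size_t:
 * the product is formed in uint32_t and silently wraps modulo 2^32. */
uint32_t unchecked_table_bytes32(uint32_t num_imgs) {
    return (uint32_t)sizeof(img_t) * num_imgs;
}

/* Portable pre-multiplication check: a * b fits in size_t iff b <= SIZE_MAX / a.
 * Returns 1 and stores the product on success, 0 if it would wrap. */
int checked_mul_size(size_t a, size_t b, size_t *out) {
    if (a != 0 && b > SIZE_MAX / a) {
        return 0;
    }
    *out = a * b;
    return 1;
}

/* Hardened replacement for table_ptr = malloc(sizeof(img_t) * num_imgs):
 * rejects non-positive counts (a negative int would convert to a huge size_t)
 * and refuses to allocate when the byte total would wrap. */
img_t *alloc_img_table(long num_imgs) {
    size_t bytes;
    if (num_imgs <= 0) {
        return NULL;
    }
    if (!checked_mul_size(sizeof(img_t), (size_t)num_imgs, &bytes)) {
        return NULL;   /* the unchecked code would allocate a table far too small */
    }
    return (img_t *)malloc(bytes);
}

int main(void) {
    /* 419431 * 10240 = 4294973440, which exceeds UINT32_MAX by exactly 6144. */
    printf("wrapped 32-bit size for 419431 images: %u bytes\n",
           unchecked_table_bytes32(419431u));
    size_t bytes = 0;
    printf("checked_mul_size(10240, 419431) -> %d\n",
           checked_mul_size(sizeof(img_t), 419431u, &bytes));
    img_t *t = alloc_img_table(4);
    printf("alloc_img_table(4) %s\n", t ? "succeeded" : "failed");
    free(t);
    return 0;
}
```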
CVE ID: CVE-2022-35258
Title: Pulse Secure Pulse Connect Secure security vulnerability: Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Neurons for Zero Trust Access Gateway
CVSS: 7.5
Risk level: -
Published: 2022-12-05

CWE-128 (Wrap-around Error) is a common weakness class; this platform has 1 CVE vulnerability associated with it.