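CWE-131 Incorrect Calculation of Buffer Size: vulnerability list (82)

Summary of 82 CVE vulnerabilities in the CWE-131 (Incorrect Calculation of Buffer Size) weakness class, with AI-generated analysis in Chinese.

CWE-131 is a memory-safety weakness in which a product fails to correctly calculate the required size when allocating a buffer. Attackers typically use this flaw to trigger a buffer overflow, which can lead to execution of malicious code or a system crash. To avoid this risk, developers should strictly validate input lengths, use safe memory allocation functions, make sure the buffer size is calculated accurately before allocation, and apply bounds checks to prevent out-of-bounds access.

MITRE CWE official description
CWE: CWE-131 Incorrect Calculation of Buffer Size. The product fails to correctly calculate the required size when allocating a buffer, which can lead to a buffer overflow.
Common consequences (1)
Integrity, Availability, Confidentiality: DoS: Crash, Exit, or Restart; Execute Unauthorized Code or Commands; Read Memory; Modify Memory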
If the incorrect calculation is used in the context of memory allocation, then the software may create a buffer that is smaller or larger than expected. If the allocated buffer is smaller than expected, this could lead to an out-of-bounds read or write (CWE-119), possibly causing a crash, allowing a…
Mitigations (5)
Implementation: When allocating a buffer for the purpose of transforming, converting, or encoding an input, allocate enough memory to handle the largest possible encoding. For example, in a routine that converts "&" characters to "&amp;" for HTML entity encoding, the output buffer needs to be at least 5 times as large as the input buffer.
Implementation: Understand the programming language's underlying representation and how it interacts with numeric calculation (CWE-681). Pay close attention to byte size discrepancies, precision, signed/unsigned distinctions, truncation, conversion and casting between types, "not-a-number" calculations, and how the language handles numbers that are too large or too small for its underlying representation. [REF-7]…
Implementation: Perform input validation on any numeric input by ensuring that it is within the expected range. Enforce that the input meets both the minimum and maximum requirements for the expected range.
Architecture and Design: For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Implementation: When processing structured incoming data containing a size field followed by raw data, identify and resolve any inconsistencies between the size field and the actual size of the data (CWE-130).
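The first mitigation above, sizing the output for the largest possible encoding, as an added example that is not part of the MITRE text or of this page. `html_escape` and `MAX_EXPANSION` are hypothetical names; the routine escapes "&", "<" and ">", so the worst case is still the 5-byte "&amp;".

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Longest replacement emitted below is "&amp;" (5 bytes), so one input
 * byte can grow to at most 5 output bytes. */
#define MAX_EXPANSION 5

/* html_escape is a hypothetical helper for this example.
 * Returns a newly allocated, NUL-terminated escaped copy of in[0..len),
 * or NULL if the size calculation would overflow or malloc fails. */
char *html_escape(const char *in, size_t len)
{
    /* Reject lengths where len * 5 + 1 would wrap around size_t. */
    if (len > (SIZE_MAX - 1) / MAX_EXPANSION)
        return NULL;

    size_t cap = len * MAX_EXPANSION + 1;   /* worst case plus NUL */
    char *out = malloc(cap);
    if (out == NULL)
        return NULL;

    size_t o = 0;
    for (size_t i = 0; i < len; i++) {
        const char *rep = NULL;
        switch (in[i]) {
        case '&': rep = "&amp;"; break;
        case '<': rep = "&lt;";  break;
        case '>': rep = "&gt;";  break;
        }
        if (rep != NULL) {
            size_t n = strlen(rep);
            memcpy(out + o, rep, n);        /* n <= MAX_EXPANSION */
            o += n;
        } else {
            out[o++] = in[i];
        }
    }
    out[o] = '\0';                          /* o <= cap - 1 by construction */
    return out;
}
```

An input made only of "&" characters fills the buffer exactly, which is the case an allocation of `len + 1` or `len * 2` bytes would overflow.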
Code examples (2)
The following code allocates memory for a maximum number of widgets. It then gets a user-specified number of widgets, making sure that the user does not request too many. It then initializes the elements of the array using InitializeWidget(). Because the number of widgets can vary for each request, the code inserts a NULL pointer to signify the location of the last widget.
int i;
unsigned int numWidgets;
Widget **WidgetList;

numWidgets = GetUntrustedSizeValue();
if ((numWidgets == 0) || (numWidgets > MAX_NUM_WIDGETS)) {
    ExitError("Incorrect number of widgets requested!");
}
WidgetList = (Widget **)malloc(numWidgets * sizeof(Widget *));
printf("WidgetList ptr=%p\n", WidgetList);
for(i=0; i<numWidgets; i++) {
    WidgetList[i] = InitializeWidget();
}
WidgetList[numWidgets] = NULL;
showWidgets(WidgetList);
Bad · C
The following image processing code allocates a table for images.
img_t *table_ptr; /* struct containing img data, 10kB each */
int num_imgs;
...
num_imgs = get_num_imgs();
table_ptr = (img_t*)malloc(sizeof(img_t)*num_imgs);
...
Bad · C
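A hardened counterpart to both "Bad" snippets, added here as an example and not taken from MITRE or this page: the widget code writes `WidgetList[numWidgets]`, one slot past what it allocated, and the image code multiplies `sizeof(img_t)` by a signed, unchecked `num_imgs`. `alloc_array` and `alloc_widget_list` are hypothetical helpers, and the `Widget` type and `MAX_NUM_WIDGETS` value are constructed stand-ins.

```c
#include <stdint.h>
#include <stdlib.h>

/* alloc_array is a hypothetical helper for this example.
 * Allocates zeroed storage for `count` elements plus `extra` trailing
 * slots (e.g. 1 for a NULL sentinel). Returns NULL when count is outside
 * 1..max_count, when the byte size would overflow size_t, or when the
 * allocation itself fails. */
void *alloc_array(long long count, size_t max_count,
                  size_t elem_size, size_t extra)
{
    if (count <= 0 || (unsigned long long)count > max_count)
        return NULL;                      /* negative, zero or too large */
    if (elem_size == 0)
        return NULL;

    size_t n = (size_t)count;
    if (n > SIZE_MAX - extra)
        return NULL;                      /* n + extra would wrap */
    n += extra;
    if (n > SIZE_MAX / elem_size)
        return NULL;                      /* n * elem_size would wrap */

    return calloc(n, elem_size);
}

/* Constructed stand-ins for the page's type and limit. */
#define MAX_NUM_WIDGETS 16
typedef struct { int id; } Widget;

/* Widget list with room for the terminating NULL at index numWidgets. */
Widget **alloc_widget_list(unsigned int numWidgets)
{
    return alloc_array(numWidgets, MAX_NUM_WIDGETS, sizeof(Widget *), 1);
}
```

The image table from the second snippet would be requested as `alloc_array(num_imgs, limit, sizeof(img_t), 0)`, where `limit` is an application-chosen maximum, so a negative or oversized count is rejected before any multiplication happens.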
CVE ID | Title | CVSS | Risk level | Published
CVE-2021-21824 | Accusoft ImageGear buffer error vulnerability — Accusoft | 8.8 | - | 2021-06-11
CVE-2021-3491 | Linux kernel buffer error vulnerability — Linux kernel | 7.8 | High | 2021-06-04
CVE-2021-29521 | Google TensorFlow security vulnerability — tensorflow | 2.5 | Low | 2021-05-14
CVE-2021-29608 | Google TensorFlow security vulnerability — tensorflow | 5.3 | Medium | 2021-05-14
CVE-2021-29529 | Google TensorFlow security vulnerability — tensorflow | 2.5 | Low | 2021-05-14
CVE-2021-29535 | Google TensorFlow buffer error vulnerability — tensorflow | 2.5 | Low | 2021-05-14
CVE-2021-29536 | Google TensorFlow buffer error vulnerability — tensorflow | 2.5 | Low | 2021-05-14
CVE-2021-29537 | Google TensorFlow buffer error vulnerability — tensorflow | 2.5 | Low | 2021-05-14
CVE-2021-29542 | Google TensorFlow buffer error vulnerability — tensorflow | 2.5 | Low | 2021-05-14
CVE-2021-29545 | Google TensorFlow security vulnerability — tensorflow | 2.5 | Low | 2021-05-14
CVE-2021-0254 | Juniper Networks Junos OS buffer error vulnerability — Junos OS | 9.8 | Critical | 2021-04-22
CVE-2021-21782 | Accusoft ImageGear buffer error vulnerability — Accusoft | 8.8 | - | 2021-03-31
CVE-2021-21776 | Accusoft ImageGear buffer error vulnerability — Accusoft | 8.8 | - | 2021-03-31
CVE-2021-21773 | Accusoft ImageGear code issue vulnerability — Accusoft | 8.8 | - | 2021-03-31
CVE-2020-13585 | Accusoft ImageGear buffer error vulnerability — Accusoft | 8.8 | - | 2021-02-10
CVE-2020-1680 | Juniper Networks Junos OS MX security vulnerability — Junos OS | 5.3 | Medium | 2020-10-16
CVE-2020-6106 | F2fs.Fsck buffer error vulnerability — F2fs-Tools | 5.5 | - | 2020-10-15
CVE-2020-6108 | F2fs.Fsck buffer error vulnerability — F2fs-Tools | 7.8 | - | 2020-10-15
CVE-2020-14385 | Linux kernel code issue vulnerability — kernel | 5.5 | Medium | 2020-09-15
CVE-2019-19282 | Siemens SIMATIC PCS 7 and SIMATIC WinCC input validation error vulnerability — OpenPCS 7 V8.1 | 7.5 | High | 2020-03-10
CVE-2019-5435 | Haxx libcurl input validation error vulnerability — curl | 7.4 | - | 2019-05-28
CVE-2018-14618 | Haxx curl input validation error vulnerability — curl | 9.8 | - | 2018-09-05

CWE-131 (Incorrect Calculation of Buffer Size) is a common weakness class; this platform lists 82 CVE vulnerabilities associated with it.