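CWE-170 Improper Null Termination: vulnerability list (35)

Summary of 35 CVEs for the CWE-170 Improper Null Termination weakness class, with AI analysis in Chinese.

CWE-170 covers flaws in which a string or array is not correctly terminated with a null character. Attackers commonly exploit the defect through buffer overflows or crafted malformed input, causing the program to crash or execute arbitrary code. Developers should avoid unsafe string-handling functions, strictly check bounds when copying data, and add the terminator explicitly, which prevents out-of-bounds writes and truncation errors and preserves memory safety.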

MITRE CWE official description
CWE: CWE-170 Improper Null Termination
English: The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator. Null termination errors frequently occur in two different ways. An off-by-one error could cause a null to be written out of bounds, leading to an overflow. Or, a program could use a strncpy() function call incorrectly, which prevents a null terminator from being added at all. Other scenarios are possible.
Common consequences (4)
Confidentiality, Integrity, Availability · Read Memory, Execute Unauthorized Code or Commands
The case of an omitted null character is the most dangerous of the possible issues. This will almost certainly result in information disclosure, and possibly a buffer overflow condition, which may be exploited to execute arbitrary code.
Confidentiality, Integrity, Availability · DoS: Crash, Exit, or Restart, Read Memory, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)
If a null character is omitted from a string, then most string-copying functions will read data until they locate a null character, even outside of the intended boundaries of the string. This could: cause a crash due to a segmentation fault cause sensitive adjacent memory to be copied and sent to an…
Integrity, Availability · Modify Memory, DoS: Crash, Exit, or Restart
Misplaced null characters may result in any number of security problems. The biggest issue is a subset of buffer overflow, and write-what-where conditions, where data corruption occurs from the writing of a null character over valid data, or even instructions. A randomly placed null character may pu…
Integrity, Confidentiality, Availability, Access Control, Other · Alter Execution Logic, Execute Unauthorized Code or Commands
Should the null character corrupt the process flow, or affect a flag controlling access, it may lead to logical errors which allow for the execution of arbitrary code.
Mitigations (5)
Requirements: Use a language that is not susceptible to these issues. However, be careful of null byte interaction errors (CWE-626) with lower-level constructs that may be written in a language that is susceptible.
Implementation: Ensure that all string functions used are understood fully as to how they append null characters. Also, be wary of off-by-one errors when appending nulls to the end of strings.
Implementation: If performance constraints permit, special code can be added that validates null-termination of string buffers; this is a rather naive and error-prone solution.
Implementation: Switch to bounded string manipulation functions. Inspect buffer lengths involved in the buffer overrun trace reported with the defect.
Implementation: Add code that fills buffers with nulls (however, the length of buffers still needs to be inspected, to ensure that the non null-terminated string is not written at the physical end of the buffer).
Code examples (2)
The following code reads from cfgfile and copies the input into inputbuf using strcpy(). The code mistakenly assumes that inputbuf will always contain a NULL terminator.
    #define MAXLEN 1024
    ...
    char pathbuf[MAXLEN];
    ...
    read(cfgfile,inputbuf,MAXLEN); //does not null terminate
    strcpy(pathbuf,inputbuf); //requires null terminated input
    ...
Bad · C
In the following code, readlink() expands the name of a symbolic link stored in pathname and puts the absolute path into buf. The length of the resulting value is then calculated using strlen().
    char buf[MAXPATH];
    ...
    readlink(pathname, buf, MAXPATH);
    int length = strlen(buf);
    ...
Bad · C
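
A hardened counterpart to the two Bad examples above, added here as an illustration and not taken from MITRE or this page: it places the terminator from the byte counts that read() and readlink() return, and uses a bounded copy in place of strcpy(). The helper names read_cstr, readlink_cstr and copy_cstr and the sample path are assumptions.

```c
/* Added example: hardened counterparts of the two "Bad" snippets above.
 * Function names are hypothetical; sample input is constructed. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* read() returns a byte count and never writes '\0'. Reserve one byte and
 * terminate at that count. Returns bytes read, or -1 on error. */
ssize_t read_cstr(int fd, char *buf, size_t cap) {
    ssize_t n;
    if (cap == 0) return -1;
    do { n = read(fd, buf, cap - 1); } while (n < 0 && errno == EINTR);
    buf[n < 0 ? 0 : n] = '\0';
    return n < 0 ? -1 : n;
}

/* readlink() does not terminate and truncates silently: a return value
 * equal to cap means the target may not have fit, so reject it. */
ssize_t readlink_cstr(const char *path, char *buf, size_t cap) {
    ssize_t n;
    if (cap == 0) return -1;
    n = readlink(path, buf, cap);
    if (n < 0 || (size_t)n >= cap) { buf[0] = '\0'; return -1; }
    buf[n] = '\0';
    return n;
}

/* Bounded replacement for strcpy(): always terminates dst (when cap > 0)
 * and returns -1 on truncation instead of writing past cap. */
int copy_cstr(char *dst, size_t cap, const char *src) {
    int n = snprintf(dst, cap, "%s", src);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

int main(void) {
    int fds[2];
    char in[16], path[8];
    memset(in, 'X', sizeof in);          /* stale bytes, no '\0' anywhere */
    if (pipe(fds) != 0) return 1;
    if (write(fds[1], "/etc/app.conf", 13) != 13) return 1;
    printf("read %zd bytes\n", read_cstr(fds[0], in, sizeof in));
    printf("in = \"%s\"\n", in);
    printf("copy into 8 bytes: %d\n", copy_cstr(path, sizeof path, in));
    return 0;
}
```

Data read this way may still contain embedded null bytes, so callers that need the full payload should use the returned count, not strlen().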
| CVE ID | Title | CVSS | Risk level | Published |
|---|---|---|---|---|
| CVE-2026-34032 | Apache HTTP Server mod_proxy_ajp heap buffer over-read vulnerability — Apache HTTP Server | 9.1 (AI) | Critical (AI) | 2026-05-04 |
| CVE-2026-40334 | libgphoto2 security vulnerability — libgphoto2 | 3.5 | Low | 2026-04-17 |
| CVE-2026-33948 | jq security vulnerability — jq | 9.8 | - | 2026-04-13 |
| CVE-2026-2239 | GIMP security vulnerability — Red Hat Enterprise Linux 7 | 2.8 | Low | 2026-03-26 |
| CVE-2026-32837 | miniaudio security vulnerability — miniaudio | 4.0 | Medium | 2026-03-17 |
| CVE-2026-23749 | Golioth Firmware SDK security vulnerability — Firmware SDK | 2.9 | Low | 2026-02-26 |
| CVE-2025-2026 | Moxa NPort 6100-G2 Series and Moxa NPort 6200-G2 Series security vulnerability — NPort 6100-G2/6200-G2 Series | 6.5 | - | 2025-12-31 |
| CVE-2025-66220 | Envoy security vulnerability — envoy | 5.0 | Medium | 2025-12-03 |
| CVE-2024-31197 | libfluid security vulnerability — libfluid | 5.3 | Medium | 2024-09-18 |
| CVE-2024-43474 | Microsoft SQL Server security vulnerability — Microsoft SQL Server 2017 (GDR) | 7.6 | High | 2024-09-10 |
| CVE-2024-45288 | FreeBSD security vulnerability — FreeBSD | 8.4 (AI) | High (AI) | 2024-09-05 |
| CVE-2024-31484 | Siemens multiple products security vulnerability — CPC80 Central Processing/Communication | 7.8 | High | 2024-05-14 |
| CVE-2024-21442 | Microsoft Windows USB Print Driver security vulnerability — Windows Server 2022 | 7.8 | High | 2024-03-12 |
| CVE-2023-48674 | Dell BIOS security vulnerability — CPG BIOS | 6.8 | Medium | 2024-03-01 |
| CVE-2023-36907 | Microsoft Windows Cryptographic Services security vulnerability — Windows 10 Version 1809 | 5.5 | Medium | 2023-08-08 |
| CVE-2023-36906 | Microsoft Windows Cryptographic Services security vulnerability — Windows 10 Version 1809 | 5.5 | Medium | 2023-08-08 |
| CVE-2023-35321 | Microsoft Windows Deployment Services security vulnerability — Windows Server 2019 | 6.5 | Medium | 2023-07-11 |
| CVE-2023-28263 | Microsoft Visual Studio security vulnerability — Microsoft Visual Studio 2022 version 17.2 | 5.5 | Medium | 2023-04-11 |
| CVE-2021-31888 | Siemens Nucleus ReadyStart buffer error vulnerability — APOGEE MBC (PPC) (BACnet) | 9.8 | - | 2021-11-09 |
| CVE-2021-31887 | Siemens Nucleus ReadyStart buffer error vulnerability — APOGEE MBC (PPC) (BACnet) | 9.8 | - | 2021-11-09 |
| CVE-2021-31886 | Siemens Nucleus ReadyStart buffer error vulnerability — APOGEE MBC (PPC) (BACnet) | 9.8 | - | 2021-11-09 |
| CVE-2021-31884 | Siemens Nucleus ReadyStart security vulnerability — APOGEE MBC (PPC) (BACnet) | 9.8 | - | 2021-11-09 |
| CVE-2021-1120 | Nvidia vGPU Software security vulnerability — NVIDIA Virtual GPU Software | 7.0 | High | 2021-10-29 |
| CVE-2021-22931 | node core input validation error vulnerability — Node | 8.8 | - | 2021-08-16 |
| CVE-2020-27736 | Multiple Siemens products buffer error vulnerability — APOGEE PXC Compact (BACnet) | 6.5 | Medium | 2021-04-22 |
| CVE-2021-1418 | Cisco Jabber for Windows security vulnerability — Cisco Jabber | 9.9 | Critical | 2021-03-24 |
| CVE-2021-1417 | Cisco Jabber information disclosure vulnerability — Cisco Jabber | 9.9 | Critical | 2021-03-24 |
| CVE-2021-1411 | Cisco Jabber for Windows security vulnerability — Cisco Jabber | 9.9 | Critical | 2021-03-24 |
| CVE-2021-1471 | Cisco Jabber trust management issue vulnerability — Cisco Jabber | 9.9 | Critical | 2021-03-24 |
| CVE-2021-1469 | Cisco Jabber for Windows input validation error vulnerability — Cisco Jabber | 9.9 | Critical | 2021-03-24 |

CWE-170 (Improper Null Termination) is a common weakness category; this platform lists 35 CVE vulnerabilities associated with it.