logo

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-120 High

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Description

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

A buffer overflow condition exists when a product attempts to put more data in a buffer than it can hold, or when it attempts to put data in a memory area outside of the boundaries of a buffer. The simplest type of error, and the most common cause of buffer overflows, is the "classic" case in which the product copies the buffer without restricting how much is copied. Other variants exist, but the existence of a classic overflow strongly suggests that the programmer is not considering even the most basic of security protections.

Common Consequences

Scope: Integrity, Confidentiality, Availability

Impact: Modify Memory, Execute Unauthorized Code or Commands

Notes: Buffer overflows often can be used to execute arbitrary code, which is usually outside the scope of the product's implicit security policy. This can often be used to subvert any other security service.

Scope: Availability

Impact: Modify Memory, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU)

Notes: Buffer overflows generally lead to crashes. Other attacks leading to lack of availability are possible, including putting the product into an infinite loop.

Related Weaknesses
Related Alerts
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website