CWE-170 - Improper Null Termination
Medium
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Improper Null Termination
- Description
The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.
Null termination errors frequently occur in two different ways. An off-by-one error could cause a null to be written out of bounds, leading to an overflow. Or, a program could use a strncpy() function call incorrectly, which prevents a null terminator from being added at all. Other scenarios are possible.
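The strncpy() case described above, shown beside a copy that always terminates. This is an added example, not part of the CWE entry; the function names copy_weak, copy_safe and is_terminated are hypothetical, and the input strings are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Returns 1 if a NUL byte occurs within the first size bytes of buf. */
int is_terminated(const char *buf, size_t size) {
    return memchr(buf, '\0', size) != NULL;
}

/* Weak pattern: strncpy() writes no terminator when strlen(src) >= size.
 * dst is pre-filled with 'X' to stand in for stale memory contents.
 * Returns 1 if dst ended up terminated, 0 if it did not. */
int copy_weak(char *dst, size_t size, const char *src) {
    memset(dst, 'X', size);
    strncpy(dst, src, size);
    return is_terminated(dst, size);
}

/* Hardened copy: writes at most size-1 bytes and always terminates.
 * Returns 0 on a full copy, 1 if src was truncated, -1 if size is 0. */
int copy_safe(char *dst, size_t size, const char *src) {
    size_t i;
    if (size == 0)
        return -1;
    for (i = 0; i < size - 1 && src[i] != '\0'; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return src[i] == '\0' ? 0 : 1;
}

int main(void) {
    char buf[8];
    const char *exact = "ABCDEFGH";   /* constructed: 8 chars, fills buf */

    /* No room left for the terminator: buf is not a valid C string and
     * must not be passed to strlen(), strcpy() or printf("%s"). */
    printf("strncpy terminated: %d\n", copy_weak(buf, sizeof buf, exact));

    /* Same input through the hardened copy: truncated, but terminated. */
    int rc = copy_safe(buf, sizeof buf, exact);
    printf("copy_safe rc=%d terminated=%d value=%s\n",
           rc, is_terminated(buf, sizeof buf), buf);
    return 0;
}
```

The truncation return value lets the caller reject over-long input instead of silently using a shortened string.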
- Common Consequences
Scope: Confidentiality, Integrity, Availability
Impact: Read Memory, Execute Unauthorized Code or Commands
Notes: The case of an omitted null character is the most dangerous of the possible issues. This will almost certainly result in information disclosure, and possibly a buffer overflow condition, which may be exploited to execute arbitrary code.
Scope: Confidentiality, Integrity, Availability
Impact: DoS: Crash, Exit, or Restart, Read Memory, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)
Notes: If a null character is omitted from a string, then most string-copying functions will read data until they locate a null character, even outside of the intended boundaries of the string. This could cause a crash due to a segmentation fault, cause sensitive adjacent memory to be copied and sent to an outsider, or trigger a buffer overflow when the copy is being written to a fixed-size buffer.
Scope: Integrity, Availability
Impact: Modify Memory, DoS: Crash, Exit, or Restart
Notes: Misplaced null characters may result in any number of security problems. The biggest issue is a subset of buffer overflow, and write-what-where conditions, where data corruption occurs from the writing of a null character over valid data, or even instructions. A randomly placed null character may put the system into an undefined state, and therefore make it prone to crashing. A misplaced null character may corrupt other data in memory.
Scope: Integrity, Confidentiality, Availability, Access Control, Other
Impact: Alter Execution Logic, Execute Unauthorized Code or Commands
Notes: Should the null character corrupt the process flow, or affect a flag controlling access, it may lead to logical errors which allow for the execution of arbitrary code.
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2023-06-29