Category: Pointer Issues

Draft
Summary

Weaknesses in this category are related to improper handling of pointers.

Membership
| ID | Name | Description |
|---|---|---|
| CWE-466 | Return of Pointer Value Outside of Expected Range | This vulnerability occurs when a function returns a memory pointer that points outside the expected buffer range, potentially exposing unrelated memory or causing crashes. |
| CWE-468 | Incorrect Pointer Scaling | This vulnerability occurs when a programmer incorrectly accounts for pointer arithmetic in C or C++, causing the program to access unintended memory locations. The core issue is forgetting that adding an integer to a pointer automatically scales that integer by the size of the data type it points to. |
| CWE-469 | Use of Pointer Subtraction to Determine Size | This vulnerability occurs when a program calculates a size or offset by subtracting two memory pointers, but the pointers point to locations in different memory blocks, leading to an incorrect and potentially dangerous result. |
| CWE-476 | NULL Pointer Dereference | This vulnerability occurs when a program attempts to access or manipulate memory using a pointer that is set to NULL, causing a crash or unexpected behavior. |
| CWE-587 | Assignment of a Fixed Address to a Pointer | This vulnerability occurs when code explicitly assigns a hardcoded memory address to a pointer, instead of using a dynamic or null value. |
| CWE-763 | Release of Invalid Pointer or Reference | This vulnerability occurs when a program tries to free a memory resource back to the system but uses an incorrect deallocation method or calls the correct method improperly. |
| CWE-822 | Untrusted Pointer Dereference | This vulnerability occurs when software takes a value from an untrusted source, treats it as a memory address (a pointer), and then accesses that memory location directly for reading or writing. |
| CWE-823 | Use of Out-of-range Pointer Offset | This vulnerability occurs when a program calculates a new memory address using a valid pointer and an offset, but the resulting address points outside the intended, safe memory region, such as beyond the bounds of an array or structure. |
| CWE-824 | Access of Uninitialized Pointer | This vulnerability occurs when a program tries to use a pointer variable before it has been assigned a valid memory address. |
| CWE-825 | Expired Pointer Dereference | This vulnerability occurs when a program tries to use a pointer that still points to a memory location that has already been freed or released. |
| CWE-699 | Software Development | This view organizes weaknesses around concepts that are frequently used or encountered in software development. This includes all aspects of the software development lifecycle including both architecture and implementation. Accordingly, this view can align closely with the perspectives of architects, developers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.