CWE-680

CompoundDraft

View on MITRE

Integer Overflow to Buffer Overflow

The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow.

95 linked vulnerabilities

2 related weaknesses

IntegrityAvailabilityConfidentialityModify MemoryDoS: Crash, Exit, or RestartExecute Unauthorized Code or Commands

Automated Static AnalysisEffectiveness: High

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)

Automated Dynamic AnalysisEffectiveness: Moderate

Use tools that are integrated during compilation to insert runtime error-checking mechanisms related to memory safety errors, such as AddressSanitizer (ASan) for C/C++ [REF-1518].

Modes of Introduction

Implementation

Related Weaknesses

CWE-190StartsWith CWE-190ChildOf

Example CVEs (2)

CVE-2021-43537

Chain: in a web browser, an unsigned 64-bit integer is forcibly cast to a 32-bit integer (CWE-681) and potentially leading to an integer overflow (CWE-190). If an integer overflow occurs, this can cause heap memory corruption (CWE-122)

CVE-2017-1000121

chain: unchecked message size metadata allows integer overflow (CWE-190) leading to buffer overflow (CWE-119).

External Links

MITRE CWE Database