Tag Archives: CWE- 588

CWE-588 – Attempt to Access Child of a Non-structure Pointer

Read Time:33 Second

Description

Casting a non-structure type to a structure type and accessing a field can lead to memory access errors or data corruption.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-704
CWE-758

 

Consequences

Integrity: Modify Memory

Adjacent variables in memory may be corrupted by assignments performed on fields after the cast.

Availability: DoS: Crash, Exit, or Restart

Execution may end due to a memory access error.

 

Potential Mitigations

Phase: Requirements

Description: 

The choice could be made to use a language that is not susceptible to these issues.

Phase: Implementation

Description: 

Review of type casting operations can identify locations where incompatible types are cast.

CVE References