Difference between revisions of "Use of sizeof() on a pointer type"

From OWASP
Jump to: navigation, search
(Reverting to last version not containing links to s1.shard.jp)
Line 1: Line 1:
[http://s1.shard.jp/frhorton/t45lfscw6.html south africa history racism
 
] [http://s1.shard.jp/galeach/new100.html ductular hepatic hypoplasia syndromatic
 
] [http://s1.shard.jp/olharder/comparatif-automobile.html product to get scratches of of auto glass
 
] [http://s1.shard.jp/olharder/autoroll-654.html url] [http://s1.shard.jp/olharder/44-auto-trader-nz.html auto honda majestic part
 
] [http://s1.shard.jp/frhorton/6jht1xnfg.html abidjan ivory coast africa
 
] [http://s1.shard.jp/losaul/melbourne-airport.html government gazette western australia
 
] [http://s1.shard.jp/galeach/new188.html jestar asia
 
] [http://s1.shard.jp/losaul/australian-artists.html real estate board perth australia
 
] [http://s1.shard.jp/galeach/new86.html chicago asian male massage
 
] [http://s1.shard.jp/frhorton/5hrrb99yl.html africa muscle south teen
 
] [http://s1.shard.jp/galeach/new42.html asian culture western
 
] [http://s1.shard.jp/frhorton/v8af479gm.html how many people speak spanish in africa
 
] [http://s1.shard.jp/losaul/wiremesh-australia.html australian bookmakers association
 
] [http://s1.shard.jp/olharder/autoroll-654.html domain] [http://s1.shard.jp/galeach/new133.html asian cleanser mulberry whitening
 
] [http://s1.shard.jp/galeach/new161.html asian boy lady mal
 
] [http://s1.shard.jp/olharder/autoroll-654.html domain] [http://s1.shard.jp/galeach/new97.html nodular prostatic hyperplasia
 
] [http://s1.shard.jp/olharder/automated-vehicle.html top notch auto sales
 
] [http://s1.shard.jp/bireba/antivirus-online.html meilleur antivirus gratuit
 
] [http://s1.shard.jp/losaul/compare-flights.html australian states emblems
 
] [http://s1.shard.jp/galeach/new48.html asia online times
 
] [http://s1.shard.jp/olharder/autoroll-654.html page] [http://s1.shard.jp/bireba/how-to-activate.html macffe antivirus
 
] [http://s1.shard.jp/bireba/symantec-antivirus.html mcaffee antivirus updates
 
] [http://s1.shard.jp/losaul/australia-zoo.html water pollution in australia
 
] [http://s1.shard.jp/frhorton/w2yqtuc7f.html african bead necklace
 
] [http://s1.shard.jp/frhorton/tiwomyd3z.html dogon mali africa
 
] [http://s1.shard.jp/olharder/aaa-auto-sales.html reynolds and reynolds automotive software
 
] [http://s1.shard.jp/frhorton/j45p2foyu.html rainy season in africa
 
] [http://s1.shard.jp/olharder/autonomy-principal.html johns auto parts brampton
 
] [http://s1.shard.jp/galeach/new169.html asia east tour
 
] [http://s1.shard.jp/bireba/shield-2005-pro.html antivirus mcafee download
 
] [http://s1.shard.jp/olharder/300m-auto.html brilliance automotive
 
] [http://s1.shard.jp/olharder/autoroll-654.html top] [http://s1.shard.jp/olharder/cheap-auto-insurance.html canadian auto racing
 
] [http://s1.shard.jp/losaul/new-england-university.html model boats australia
 
] [http://s1.shard.jp/olharder/ontegra-automotive.html autodata book
 
] [http://s1.shard.jp/losaul/holiday-accommodation.html australian english phonology
 
] [http://s1.shard.jp/olharder/subasta-de-autos.html autocad cars
 
] [http://s1.shard.jp/losaul/vetco-aibel.html australian no quota tv
 
] [http://s1.shard.jp/frhorton/ african adventures
 
] [http://s1.shard.jp/frhorton/te8ykt7rl.html african machine embroidery design
 
] [http://s1.shard.jp/bireba/avg-antivirus.html asquared antivirus
 
] [http://s1.shard.jp/galeach/new174.html receptive aphasia
 
] [http://s1.shard.jp/losaul/australian-oil.html australian travel warnings
 
] [http://s1.shard.jp/galeach/new177.html asian scat picture] [http://s1.shard.jp/bireba/vet-antivirus.html antivirus software for download
 
] [http://s1.shard.jp/olharder/automobile-essai.html automatic water hose reel
 
 
 
http://www.textcnacatata.com  
 
http://www.textcnacatata.com  
 
{{Template:Vulnerability}}
 
{{Template:Vulnerability}}

Revision as of 10:59, 27 May 2009

http://www.textcnacatata.com This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.


Last revision (mm/dd/yy): 05/27/2009

Vulnerabilities Table of Contents

Description

Running sizeof() on a malloced pointer type will always return the wordsize/8.

Consequences

Authorization: This error can often cause one to allocate a buffer much smaller than what is needed and therefore other problems like a buffer overflow can be caused.

Exposure period

Implementation: This is entirely an implementation flaw.

Platform

  • Languages: C or C++
  • Operating platforms: Any

Required resources

Any

Severity

High

Likelihood of exploit

High

One can in fact use the sizeof() of a pointer as useful information. An obvious case is to find out the wordsize on a platform. More often than not, the appearance of sizeof(pointer)


Risk Factors

TBD

Examples

In C/C++:

#include <stdiob.h>

int main(){
  void *foo;
  printf("%d\n",sizeof(foo)); //this will return wordsize/4
  return 0;
}


Related Attacks


Related Vulnerabilities


Related Controls

  • Implementation: Unless one is trying to leverage running sizeof() on a pointer type to gain some platform independence or if one is mallocing a variable on the stack, this should not be done.

Related Technical Impacts


References

TBD