CQE-788: Memory Location Access After End of Buffer

 
Memory Location Access After End of Buffer
[an error occurred while processing this directive] Definition in a New Window Definition in a New Window
Quality Issue ID: 788 Maturity: Preliminary
+ Description

Description Summary

This pattern identifies situations where the value element is transformed throughout the application along the sequence composed of ActionElements with DataRelations relations, some of which being part of named callable and method control elements, and ultimately used as an index element to access a storable or member data element in the buffer Read or Write access action; none of the callable or method control element of the transformation sequence being a range check with regards to the buffer whose maximum size was defined in the buffer creation action.
+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
ChildOf
Ch
Characteristic
9120Reliability
Default Graph (primary)9001
ChildOf
Pr
Practice
9144Resource Monitoring
Quality Issues Organized by Practices (primary)9002
CanPrecede
Co
Consequence
9177Resource Exhaustion
Default Graph (primary)9001

Related Taxonomy Entries

TaxonomyVersionRelated ID
ASCRM1ASCRM-CWE-788
CWE2.11788
+ References
"Automated Source Code Reliability Measure (ASCRM)". ASCRM-CWE-788. v1.0. Object Management Group (OMG). 2016-01-01. <http://www.omg.org/spec/ASCRM/1.0/>.
Page Last Updated or Reviewed: October 01, 2017