Modes Of Introduction
Implementation: This weakness typically occurs when an application passes user-controlled input to a malloc() call. The related code might be correct with respect to preventing buffer overflows, but if a large value is provided, the malloc() will fail due to insufficient memory. This problem also frequently occurs when a parsing routine expects that certain elements will always be present. If malformed input is provided, the parser might return NULL. For example, strtok() can return NULL.
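The two cases described above, with the return values checked before use. This is an added example, not code from the CWE entry; the function names, error codes, the MAX_BODY cap and the sample header line are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_BODY ((size_t)1 << 20) /* assumed policy cap (1 MiB), not from the page */

enum { OK = 0, ERR_MALFORMED = -1, ERR_TOO_LARGE = -2, ERR_NOMEM = -3 };

/* Split "Name: value" in place. strtok() returns NULL when no token is
 * left, which is what happens to the value when the colon is missing. */
int split_header(char *line, char **name, char **value)
{
    *value = NULL;
    *name = strtok(line, ":");
    if (*name == NULL)                  /* empty line or only ':' */
        return ERR_MALFORMED;
    char *v = strtok(NULL, "\r\n");     /* rest of the line */
    if (v == NULL)                      /* no colon, or nothing after it */
        return ERR_MALFORMED;
    while (*v == ' ')                   /* skip spaces after the colon */
        v++;
    *value = v;
    return OK;
}

/* Allocate a buffer for a length taken from input: cap it, then check malloc(). */
int alloc_body(size_t claimed_len, char **out)
{
    *out = NULL;
    if (claimed_len > MAX_BODY)         /* reject before asking the allocator */
        return ERR_TOO_LARGE;
    char *buf = malloc(claimed_len + 1);
    if (buf == NULL)                    /* allocation can still fail under the cap */
        return ERR_NOMEM;
    buf[claimed_len] = '\0';
    *out = buf;
    return OK;
}

int main(void)
{
    char line[] = "Content-Length 4096";   /* constructed input, colon missing */
    char *name, *value, *body;
    printf("split: %d\n", split_header(line, &name, &value));
    printf("alloc: %d\n", alloc_body((size_t)-1, &body));
    return 0;
}
```

Callers treat any non-OK result as a rejected request and never touch the output pointers, which are left NULL on failure.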
Applicable Platforms
Language
Name: C (Undetermined)
Name: C++ (Undetermined)
Common Consequences
Scope | Impact | Likelihood |
Availability | DoS: Crash, Exit, or Restart | |
Integrity, Confidentiality, Availability | Execute Unauthorized Code or Commands, Read Memory, Modify Memory. Note: In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution. | |
Observed Examples
References | Description |
| Large Content-Length value leads to NULL pointer dereference when malloc fails. |
| Large message length field leads to NULL pointer dereference when malloc fails. |
| Parsing routine encounters NULL dereference when input is missing a colon separator. |
| URI parsing API sets argument to NULL when a parsing failure occurs, such as when the Referer header is missing a hostname, leading to NULL dereference. |
| chain: unchecked return value can lead to NULL dereference |
Detection Methods
Black Box
This typically occurs in rarely-triggered error conditions, reducing the chances of detection during black box testing.
White Box
Code analysis can require knowledge of API behaviors for library functions that might return NULL, reducing the chances of detection when unknown libraries are used.
Vulnerability Mapping Notes
Justification: This CWE entry is a named chain, which combines multiple weaknesses.
Comment: Mapping to each separate weakness in the chain would be more precise.
Submission
Name | Organization | Date | Date release | Version |
CWE Content Team | MITRE | 2008-04-11 +00:00 | 2008-04-11 +00:00 | Draft 9 |
Modifications
Name | Organization | Date | Comment |
Sean Eidemiller | Cigital | 2008-07-01 +00:00 | added/updated demonstrative examples |
Eric Dalci | Cigital | 2008-07-01 +00:00 | updated Time_of_Introduction |
CWE Content Team | MITRE | 2008-09-08 +00:00 | updated Applicable_Platforms, Description, Detection_Factors, Relationships, Other_Notes |
CWE Content Team | MITRE | 2009-12-28 +00:00 | updated Demonstrative_Examples |
CWE Content Team | MITRE | 2010-09-27 +00:00 | updated Observed_Examples |
CWE Content Team | MITRE | 2011-06-01 +00:00 | updated Common_Consequences, Relationships, Taxonomy_Mappings |
CWE Content Team | MITRE | 2011-09-13 +00:00 | updated Relationships, Taxonomy_Mappings |
CWE Content Team | MITRE | 2014-06-23 +00:00 | updated Modes_of_Introduction, Other_Notes |
CWE Content Team | MITRE | 2017-01-19 +00:00 | updated Relationships |
CWE Content Team | MITRE | 2017-11-08 +00:00 | updated Relationships, Relevant_Properties, Taxonomy_Mappings, Time_of_Introduction |
CWE Content Team | MITRE | 2019-01-03 +00:00 | updated Relationships, Taxonomy_Mappings |
CWE Content Team | MITRE | 2020-06-25 +00:00 | updated Common_Consequences |
CWE Content Team | MITRE | 2021-03-15 +00:00 | updated Demonstrative_Examples, Relationships |
CWE Content Team | MITRE | 2023-04-27 +00:00 | updated Relationships |
CWE Content Team | MITRE | 2023-06-29 +00:00 | updated Mapping_Notes, Relationships |