CWE-785
Use of Path Manipulation Function without Maximum-sized Buffer
Description
The product invokes a function for normalizing paths or file names, but it provides an output buffer that is smaller than the maximum possible size, such as PATH_MAX.
Passing an inadequately-sized output buffer to a path manipulation function can result in a buffer overflow. Such functions include realpath(), readlink(), PathAppend(), and others.
Common Consequences
Scope
Impact
Modify Memory, Execute Unauthorized Code or Commands, DoS: Crash, Exit, or Restart
Potential Mitigations
Always specify output buffers large enough to handle the maximum-size possible result from path manipulation functions.
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now