ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5782/impact.adoc
Sebastien Andrivet e5e7204f41
Modify rule S5782: Change text to education framework format (APPSEC-1211) (#3346) 
## Review

A dedicated reviewer checked the rule description successfully for:

- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the
guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)

---------

Co-authored-by: gaetan-ferry-sonarsource <112399173+gaetan-ferry-sonarsource@users.noreply.github.com>
2023-10-24 16:10:06 +02:00

23 lines
1.7 KiB
Plaintext
Raw Permalink Blame History

=== What is the potential impact?
Buffer boundaries violations can lead to serious security issues.
==== Information disclosure
In some scenarios, insecure functions can lead to information disclosure. For instance, if an attacker can cause a buffer overread, they might be able to disclose data in memory that they're not supposed to have access to. This could potentially allow them to access sensitive information, such as passwords or encryption keys.
An example of a buffer overread is provided with the Heartbleed vulnerability.
==== Code execution
In some cases, an attacker can craft input in a way that allows them to gain unauthorized access to your system. For example, they might be able to overwrite a function's return address in memory, causing your program to execute code of the attacker's choosing. This could potentially give the attacker full control over your system.
==== Denial of service
If an attacker can trigger a buffer overflow by providing oversized input, it can cause the program to crash. If the attacker repeats this process, it can continually disrupt the service, denying access to other users. This can be particularly damaging for services that require high availability, such as online platforms or databases.
In some cases, the input might cause the program to enter an infinite loop or consume excessive memory, slowing down the system or even causing it to become unresponsive. This type of attack is known as a resource exhaustion DoS attack.
=== Exceptions
Functions related to sockets using the type ``++socklen_t++`` are not checked. This is because these functions are using a C-style polymorphic pattern using ``++union++``. It relies on a mismatch between allocated memory and sizes of structures and it creates false positives.
Reference in New Issue View Git Blame Copy Permalink