Improper Handling of Length Parameter Inconsistency

CWE-130

Overtime trend (NVD)

CVSS severity (NVD, All Time)

Per technology (GHSA, All time)

61%-Maven
16%-Pip
11%-Swift
11%-Others

Short description

The product parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data.

Extended description

If an attacker can manipulate the length parameter associated with an input such that it is inconsistent with the actual length of the input, this can be leveraged to cause the target application to behave in unexpected, and possibly, malicious ways. One of the possible motives for doing so is to pass in arbitrarily large input to the application. Another possible motivation is the modification of application state by including invalid data for subsequent properties of the application. Such weaknesses commonly lead to attacks such as buffer overflows and execution of arbitrary code.

Best practices to prevent this CWE

Phase: Implementation

When processing structured incoming data containing a size field followed by raw data, ensure that you identify and resolve any inconsistencies between the size field and the actual size of the data.

Phase: Implementation

Do not let the user control the size of the buffer.

Phase: Implementation

Validate that the length of the user-supplied data is consistent with the buffer size.

Recently published CVEs

CVE-2023-52547
CVE-2023-5393
CVE-2024-29064
CVE-2024-20685
CVE-2024-24976

Recently published GHSA

GHSA-qg2p-9jwr-mmqf
GHSA-7fgc-89cx-w8j5
GHSA-7fgc-89cx-w8j5
GHSA-hmr7-m48g-48f6
GHSA-qwhm-h7v3-mrjx

Prioritize and Uncover Reachable Vulnerabilities in Your Application Code

Identify externally reachable data flows and vulnerabilities for effective risk mitigation

Get a Demo