CWE-170

Improper Null Termination

The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator.

Mitigation

Phase: Requirements

Description:

  • Use a language that is not susceptible to these issues. However, be careful of null byte interaction errors (CWE-626) with lower-level constructs that may be written in a language that is susceptible.
Mitigation

Phase: Implementation

Description:

  • Ensure that all string functions used are understood fully as to how they append null characters. Also, be wary of off-by-one errors when appending nulls to the end of strings.
Mitigation

Phase: Implementation

Description:

  • If performance constraints permit, special code can be added that validates null-termination of string buffers, this is a rather naive and error-prone solution.
Mitigation

Phase: Implementation

Description:

  • Switch to bounded string manipulation functions. Inspect buffer lengths involved in the buffer overrun trace reported with the defect.
Mitigation

Phase: Implementation

Description:

  • Add code that fills buffers with nulls (however, the length of buffers still needs to be inspected, to ensure that the non null-terminated string is not written at the physical end of the buffer).

No CAPEC attack patterns related to this CWE.

Back to CWE stats page