SFP Secondary Cluster: Incorrect Buffer Length Computation
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
This category identifies Software Fault Patterns (SFPs) within the Incorrect Buffer Length Computation cluster (SFP10).
The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.
The software does not correctly calculate the length of strings that can contain wide or multi-byte characters.
The code calls sizeof() on a malloced pointer type, which always returns the wordsize/8. This can produce an unexpected result if the programmer intended to determine ...
Functions that manipulate strings encourage buffer overflows.
CWE identifiers in this view are associated with clusters of Software Fault Patterns (SFPs).