Reino: Code Quality
Una mala calidad del código lleva a un comportamiento no predecible. Desde la perspectiva de un usuario, muchas veces también supone una usabilidad limitada. Pero para un atacante es una oportunidad para atacar al sistema de formas insospechadas.
Type Mismatch: Negative to Unsigned
Abstract
La función se declara para devolver un valor sin signo, pero en algunos casos intenta devolver un valor negativo.
Explanation
Es peligroso basarse en conversiones implícitas entre números con o sin signo porque el resultado puede tomar un valor inesperado e infringir hipótesis no seguras que se hacen en cualquier parte del programa.
Ejemplo 1: En este ejemplo, la variable
Si se cumple la condición de error del
La conversión de valores con y sin signo puede provocar variedad de errores. Sin embargo, desde el punto de vista de la seguridad se asocia comúnmente con vulnerabilidades de desbordamiento de enteros y de búfer.
Ejemplo 1: En este ejemplo, la variable
amount puede albergar un valor negativo cuando se devuelve. Como la función se declara para devolver un entero sin signo, amount se convierte implícitamente a sin signo.
unsigned int readdata () {
int amount = 0;
...
if (result == ERROR)
amount = -1;
...
return amount;
}
Si se cumple la condición de error del
Example 1, el valor devuelto de readdata() será 4,294,967,295 en un sistema que utiliza enteros de 32 bits.La conversión de valores con y sin signo puede provocar variedad de errores. Sin embargo, desde el punto de vista de la seguridad se asocia comúnmente con vulnerabilidades de desbordamiento de enteros y de búfer.
References
[1] Standards Mapping - Common Weakness Enumeration CWE ID 195
[2] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-002824
[3] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C Guidelines 2012 Rule 10.3
[4] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C Guidelines 2023 Rule 7.5, Rule 7.6, Rule 10.3, Rule 21.18
[5] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C++ Guidelines 2008 Rule 5-0-3
[6] Standards Mapping - Motor Industry Software Reliability Association (MISRA) C++ Guidelines 2023 Rule 7.0.5, Rule 7.0.6
[7] Standards Mapping - NIST Special Publication 800-53 Revision 4 SI-16 Memory Protection (P1)
[8] Standards Mapping - NIST Special Publication 800-53 Revision 5 SI-16 Memory Protection
[9] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.6
[10] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.6
[11] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.6
[12] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.6
[13] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[14] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0.1 Requirement 6.2.4
[15] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 4.2 - Critical Asset Protection
[16] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 4.2 - Critical Asset Protection
[17] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 4.2 - Critical Asset Protection
[18] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3550 CAT I
[19] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3550 CAT I
[20] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3550 CAT I
[21] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3550 CAT I
[22] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3550 CAT I
[23] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3550 CAT I
[24] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3550 CAT I
[25] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002590 CAT I
[26] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002590 CAT I
[27] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002590 CAT I
[28] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002590 CAT I
[29] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002590 CAT I
[30] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002590 CAT I
[31] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002590 CAT I
[32] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002590 CAT I
[33] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002590 CAT I
[34] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002590 CAT I
[35] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002590 CAT I
[36] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002590 CAT I
[37] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002590 CAT I
[38] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-002590 CAT I
[39] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-002590 CAT I
[40] Standards Mapping - Security Technical Implementation Guide Version 6.2 APSC-DV-002590 CAT I
desc.structural.cpp.type_mismatch_negative_to_unsigned