Description
The product invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.
Potential Impact
Scope: Other
Technical impact: Varies by Context, Quality Degradation, Unexpected State
Demonstrative Examples
The following function makes a local copy of its argument with strcpy(), which performs no bounds check: any argument longer than 23 characters (plus the terminator) overflows the 24-byte stack buffer.

```c
void manipulate_string(char * string){
    char buf[24];
    strcpy(buf, string);   /* unbounded copy into a 24-byte buffer */
    ...
}
```

Mitigations & Prevention
Identify a list of prohibited API functions and prohibit developers from using these functions, providing safer alternatives. In some cases, automatic code analysis tools or the compiler can be instructed to spot use of prohibited functions, such as the "banned.h" include file from Microsoft's SDL. [REF-554] [REF-1009] [REF-7]
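The block below is an added example, not code from the CWE entry itself. It shows the two halves of the mitigation just described: a bounded replacement for the manipulate_string() pattern in the demonstrative example above, and a compile-time ban on the prohibited functions in the spirit of Microsoft's banned.h, here done with the GCC/Clang `#pragma GCC poison` extension (so it is guarded for other compilers). The names bounded_copy and manipulate_string_safe are this example's own; the inputs in main() are constructed.

```c
/* Added example: hardened counterpart of the page's manipulate_string(),
 * plus a compiler-enforced "prohibited function" list. Not CWE's own code. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Banned-function list enforced by the compiler: with GCC or Clang, any use
 * of these identifiers after this point fails to compile, which is the same
 * idea as banned.h. Identifiers inside macros defined before the pragma
 * (e.g. in system headers already included above) are not affected. */
#if defined(__GNUC__)
#pragma GCC poison strcpy strcat sprintf gets
#endif

enum { BUF_SIZE = 24 };   /* same buffer size as the demonstrative example */

/* Copy src into dst[dst_size], always NUL-terminating dst.
 * Returns 0 on success, -1 if src does not fit; in that case dst is left
 * as an empty string rather than silently truncated, because a truncated
 * value is itself a source of bugs (e.g. a shortened path or hostname). */
int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    if (src == NULL) {
        dst[0] = '\0';
        return -1;
    }
    /* Measure src, but never scan further than the destination can hold. */
    size_t len = 0;
    while (len < dst_size && src[len] != '\0')
        len++;
    if (len >= dst_size) {      /* no room for the terminator */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);  /* len + 1 copies the terminator too */
    return 0;
}

/* Hardened manipulate_string(): same 24-byte local buffer, but the copy is
 * bounded and oversized input is rejected before anything touches buf.
 * Returns the length of the accepted string, or -1 if it was rejected. */
int manipulate_string_safe(const char *string)
{
    char buf[BUF_SIZE];
    if (bounded_copy(buf, sizeof buf, string) != 0)
        return -1;
    /* ... manipulate buf here; it is guaranteed NUL-terminated ... */
    return (int)strlen(buf);
}

int main(void)
{
    /* Constructed inputs: one that fits, one that would have overflowed buf. */
    const char *fits = "hello";
    const char *too_long = "0123456789012345678901234567890123"; /* 34 bytes */
    printf("fits:     %d\n", manipulate_string_safe(fits));
    printf("too long: %d\n", manipulate_string_safe(too_long));
    return 0;
}
```

Note the design choice in bounded_copy(): it rejects rather than truncates, which is why the function returns a status the caller must check. strncpy() would also avoid the overflow but does not guarantee a terminator and silently truncates, so it is not a drop-in fix for this weakness.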
Detection Methods
- Automated Static Analysis - Binary or Bytecode: effectiveness High, per SOAR [REF-1479]
- Manual Static Analysis - Binary or Bytecode: effectiveness SOAR Partial, per SOAR [REF-1479]
- Dynamic Analysis with Manual Results Interpretation: effectiveness High, per SOAR [REF-1479]
- Manual Static Analysis - Source Code: effectiveness High, per SOAR [REF-1479]
- Automated Static Analysis - Source Code: effectiveness High, per SOAR [REF-1479]
- Automated Static Analysis: effectiveness SOAR Partial, per SOAR [REF-1479]
Real-World CVE Examples
| CVE ID | Description |
|---|---|
| CVE-2007-1470 | Library has multiple buffer overflows using sprintf() and strcpy() |
| CVE-2009-3849 | Buffer overflow using strcat() |
| CVE-2006-2114 | Buffer overflow using strcpy() |
| CVE-2006-0963 | Buffer overflow using strcpy() |
| CVE-2011-0712 | Vulnerable use of strcpy() changed to use safer strlcpy() |
| CVE-2008-5005 | Buffer overflow using strcpy() |
Related Weaknesses
Taxonomy Mappings
- 7 Pernicious Kingdoms: Dangerous Functions
- CERT C Secure Coding: CON33-C — Avoid race conditions when using library functions
- CERT C Secure Coding: ENV33-C — Do not call system()
- CERT C Secure Coding: ERR07-C — Prefer functions that support error checking over equivalent functions that don't
- CERT C Secure Coding: ERR34-C — Detect errors when converting a string to a number
- CERT C Secure Coding: FIO01-C — Be careful using functions that use file names for identification
- CERT C Secure Coding: MSC30-C — Do not use the rand() function for generating pseudorandom numbers
- CERT C Secure Coding: STR31-C — Guarantee that storage for strings has sufficient space for character data and the null terminator
- Software Fault Patterns: SFP3 — Use of an improper API
Frequently Asked Questions
What is CWE-676?
CWE-676 (Use of Potentially Dangerous Function) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. The product invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.
How can CWE-676 be exploited?
The impact of exploiting CWE-676 (Use of Potentially Dangerous Function) varies by context; the listed consequences are quality degradation and unexpected state. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-676?
Key mitigations include: identify a list of prohibited API functions and prohibit developers from using these functions, providing safer alternatives. In some cases, automatic code analysis tools or the compiler can be instructed to spot use of prohibited functions, such as the "banned.h" include file from Microsoft's SDL.
What is the severity of CWE-676?
CWE-676 is classified as a Base-level weakness (Medium abstraction). It has been observed in 6 real-world CVEs.