CWE-785

Use of Path Manipulation Function without Maximum-sized Buffer

VariantIncomplete

Description

The product invokes a function for normalizing paths or file names, but it provides an output buffer that is smaller than the maximum possible size, such as PATH_MAX.

Passing an inadequately-sized output buffer to a path manipulation function can result in a buffer overflow. Such functions include realpath(), readlink(), PathAppend(), and others.

Hierarchy (View 1000)

Parents

CWE-676
CWE-120

Children

none

CVEs mapped to this weakness (0)

No CVEs match the current filter.