コンテンツにスキップ

Mayhem Documentation

Defect Classification

Mayhem Documentation

ホーム
概要
ダイナミック SBOM
ダイナミック SBOM
- Mayhem と SBOM
- セットアップ
  セットアップ
- ガイド
  ガイド
- 上級
  上級
  - GraphQL
  - Include/Exclude
コードテスト
コードテスト
- Mayhem とコード
- チュートリアル
  チュートリアル
  - 🏁 Start Here
  - ⚡ Introduction
  - ⚡ Executing Mayhem Runs
    ⚡ Executing Mayhem Runs
    
    💻 Web UI Testing
    
    💻 CLI Testing
    
    💻 Testing a Docker Target
    
    💻 Testing a Non-Docker Target
  - ⚡ Configuring Your Runs
    ⚡ Configuring Your Runs
    
    💻 Target Input Methods
    
    💻 OSS Fuzzer Engines
  - ⚡ Mayhem for Power Users
    ⚡ Mayhem for Power Users
    
    💻 Mayhem and Test Drivers
    
    💻 Test Driver for tinyxml
    
    💻 Hardware Testing
    
    💻 Testing with Shared Libraries
    
    💻 Testing with libFuzzer
    
    💻 OSS-Fuzz Targets with Mayhem
    
    💻 Patching Binaries
    
    💻 Firmware Testing
- 📘 Getting Set Up
  📘 Getting Set Up
  - 📖 Installation
  - 📖 Generating API Tokens
- 📘 Guides
  📘 Guides
  - 📖 Docker
    📖 Docker
    
    📖 Mayhem Docker Targets
    
    📖 Mayhem Entrypoint Support
  - 📖 Code Coverage
    📖 Code Coverage
    
    📖 Getting Code Coverage
    
    📖 Analyzing Code Coverage
  - 📖 Optimization
    📖 Optimization
    
    📖 Optimizing Mayhem Targets
  - 📖 Troubleshooting
    📖 Troubleshooting
    
    📖 Diagnosing Low Test Run Rates
- 📘 Reference
  📘 Reference
  - 📖 Mayhemfile Configuration
  - 📖 Mayhem CLI Commands
  - 📖 Target Support Matrix
  - 📖 Defect Classification
    📖 Defect Classification
    
    🤖 Uncategorized
    
    🤖 Improper Input Validation
    
    🤖 Improper Memory Management
    
    🤖 Improper Resource Management
    
    🤖 Improper Size Calculation
    
    🤖 Incorrect Logic
    
    🤖 Null Pointer Decode-testing/reference
    
    🤖 Out-of-Bounds Access
    
    🤖 Out-of-Bounds Read
    
    🤖 Out-of-Bounds Write 🤖 Out-of-Bounds Write
    目次
    
    Rule ID
    
    Definition
    
    Example
    
    References
    
    🤖 Undefined Behavior
  - 📖 Mayhem Technology
- 言語別
  言語別
  - 📖 Overview
  - 📖 C/C++
    📖 C/C++
    
    💻 Base-Executable
    
    💻 AFL / AFL++
    
    💻 Honggfuzz
    
    💻 LibFuzzer
  - 📖 Golang
    📖 Golang
    
    💻 Base-Executable
    
    💻 LibFuzzer (Go-Fuzz)
  - 📖 Rust
    📖 Rust
    
    💻 Base-Executable
    
    💻 AFL
    
    💻 LibFuzzer (Cargo-Fuzz)
  - 📖 Java
    📖 Java
    
    💻 Base-Executable
    
    💻 LibFuzzer (Jazzer)
  - 📖 Python
    📖 Python
    
    💻 LibFuzzer (Atheris)
  - 📖 Ada
    📖 Ada
    
    💻 Base-Executable
API テスト
API テスト
- Mayhem と API
- チュートリアル
  チュートリアル
  - 🏁 Start Here
  - ⚡ Introduction
  - ⚡ Testing APIs w/ Mayhem
    ⚡ Testing APIs w/ Mayhem
    
    💻 Hello, API Testing!
    
    💻 Test Your Own API
    
    💻 HAR Support
    
    💻 Postman Support
  - ⚡ Optimizing Test Coverage
    ⚡ Optimizing Test Coverage
    
    💻 API Authentication
    
    💻 API Success
    
    💻 How Long to Run
    
    💻 Configure Your API
  - ⚡ Identifying API Issues
    ⚡ Identifying API Issues
    
    💻 Identifying Buggy Endpoints
    
    💻 Issue Rules
    
    💻 Suppress Issues
    
    💻 Selective Routes
    
    💻 ZAP Integration
- 📘 Getting Set Up
  📘 Getting Set Up
  - 📖 Installation
  - 📖 Generating API Tokens
- 📘 Guides
  📘 Guides
- 📘 Reference
  📘 Reference
  - 📖 API Issue Rules
    📖 API Issue Rules
    
    🤖 Auth Bypass
    
    🤖 Command Injection
    
    🤖 Internal Server Error
    
    🤖 Invalid Request Spec
    
    🤖 Invalid Response Spec
    
    🤖 NoSQL Injection
    
    🤖 PII Disclosure
    
    🤖 Path Traversal
    
    🤖 Reported by a custom error-classifying plugin
    
    🤖 SQL Injection
    
    🤖 Server Crash
    
    🤖 Server Side Request Forgery
    
    🤖 Timeout
    
    🤖 Verb Tampering
統合
統合
- Mayhem との統合
- CI パイプライン
  CI パイプライン
- Webhooks
  Webhooks
- プロジェクト管理
  プロジェクト管理
  - ⚡ Jira
サポート
サポート
- Contact Us
用語集
用語集
- 📘 Mayhem API Server
  📘 Mayhem API Server
  - 📖 API Endpoint Docs
- 📘 Terminology
  📘 Terminology
リリースノート
リリースノート
- 📖 Code Testing
- 📖 API Testing

Out-of-Bounds Write¶

Rule ID¶

MI109

Definition¶

The software writes data past the end, or before the beginning, of the intended buffer.

Example¶

See one of the applicable code examples from CWE.

int id_sequence[3];

/* Populate the id array. */

id_sequence[0] = 123;
id_sequence[1] = 234;
id_sequence[2] = 345;
id_sequence[3] = 456;

The following code attempts to save four different identification numbers into an array. Since the array is only allocated to hold three elements, the valid indices are 0 to 2; so, the assignment to id_sequence[3] is out of bounds.

References¶

Common Weakness Enumeration: CWE-121
Common Weakness Enumeration: CWE-122
Common Weakness Enumeration: CWE-787
Common Weakness Enumeration: CWE-913