BaseDraft

CWE-374Passing Mutable Objects to an Untrusted Method

Category: other

Description

The product sends non-cloned mutable data as an argument to a method or function. The function or method that has been called can alter or delete the mutable data. This could violate assumptions that the calling function has made about its state. In situations where unknown code is called with references to mutable data, this external code could make changes to the data sent. If this data was not previously cloned, the modified data might not be valid in the context of execution.

Common consequences· 1

  • Integrity — Modify Memory
    Potentially data could be tampered with by another function which should not have been tampered with.

Potential mitigations· 2

  • [Implementation]Pass in data which should not be altered as constant or immutable.
  • [Implementation]Clone all mutable data before passing it into an external function . This is the preferred mitigation. This way, regardless of what changes are made to the data, a valid copy is retained for use by the class.

References

  1. https://cwe.mitre.org/data/definitions/374.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Access to Critical Private Variable via Public Method
CWE
Exposed Dangerous Method or Function
CWE
Private Data Structure Returned From A Public Method
CWE
Use of Potentially Dangerous Function
CWE
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE
Returning a Mutable Object to an Untrusted Caller
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.