Improper Handling of Inconsistent Structural Elements

The product does not handle or incorrectly handles when two or more structural elements should be consistent, but are not.


The following examples help to illustrate the nature of this weakness and describe methods or techniques which can be used to mitigate the risk.

Note that the examples here are by no means exhaustive and any given weakness may have many subtle varieties, each of which may require different detection methods or runtime controls.

Example One

In the following C/C++ example the method processMessageFromSocket() will get a message from a socket, placed into a buffer, and will parse the contents of the buffer into a structure that contains the message length and the message body. A for loop is used to copy the message body into a local character string which will be passed to another method for processing.

int processMessageFromSocket(int socket) {

  int success;

  char buffer[BUFFER_SIZE];
  char message[MESSAGE_SIZE];

  // get message from socket and store into buffer

  //Ignoring possibliity that buffer > BUFFER_SIZE
  if (getMessage(socket, buffer, BUFFER_SIZE) > 0) {

    // place contents of the buffer into message structure
    ExMessage *msg = recastBuffer(buffer);

    // copy message body into string for processing
    int index;
    for (index = 0; index < msg->msgLength; index++) {
      message[index] = msg->msgBody[index];
    message[index] = '\0';

    // process message
    success = processMessage(message);

  return success;


However, the message length variable from the structure is used as the condition for ending the for loop without validating that the message length variable accurately reflects the length of the message body (CWE-606). This can result in a buffer over-read (CWE-125) by reading from memory beyond the bounds of the buffer if the message length variable indicates a length that is longer than the size of a message body (CWE-130).

See Also

Comprehensive Categorization: Improper Neutralization

Weaknesses in this category are related to improper neutralization.

SFP Secondary Cluster: Incorrect Input Handling

This category identifies Software Fault Patterns (SFPs) within the Incorrect Input Handling cluster.

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Weaknesses Introduced During Implementation

This view (slice) lists weaknesses that can be introduced during implementation.

Weakness Base Elements

This view (slice) displays only weakness base elements.

Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.