CWE-562

Overview
  • CWE ID: 562
  • CWE Name: Return of Stack Variable Address
  • CWE Abstraction: Base
  • CWE Structure: Simple
  • CWE Status: Draft
Description
A function returns the address of a stack variable, which will cause unintended program behavior, typically in the form of a crash.
Extended Description
Because local variables are allocated on the stack, when a program returns a pointer to a local variable, it is returning a stack address. A subsequent function call is likely to re-use this same stack address, thereby overwriting the value of the pointer
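The pattern described above, next to two corrected forms, as an added example that is not part of the CWE entry. The function names and the "id-%u" format are hypothetical; the flawed form sits inside `#if 0` so it is shown but never compiled or run.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Flawed form (CWE-562), excluded from the build: buf lives in the
 * function's stack frame, so the returned pointer dangles on return. */
#if 0
char *format_id_flawed(unsigned id)
{
    char buf[16];
    snprintf(buf, sizeof buf, "id-%u", id);
    return buf;              /* address of a stack variable */
}
#endif

/* Fix 1: the caller owns the storage. Returns 0 on success, -1 if the
 * buffer is missing or too small for the formatted text. */
int format_id_into(unsigned id, char *out, size_t outlen)
{
    if (out == NULL || outlen == 0)
        return -1;
    int n = snprintf(out, outlen, "id-%u", id);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Fix 2: heap storage outlives the call; the caller must free() it. */
char *format_id_alloc(unsigned id)
{
    int n = snprintf(NULL, 0, "id-%u", id);
    if (n < 0)
        return NULL;
    char *out = malloc((size_t)n + 1);
    if (out != NULL)
        snprintf(out, (size_t)n + 1, "id-%u", id);
    return out;
}

int main(void)
{
    char a[16], b[16];
    /* Two calls in a row: each result stays intact because neither
     * points into a stack frame that the second call reuses. */
    if (format_id_into(7, a, sizeof a) == 0 &&
        format_id_into(42, b, sizeof b) == 0)
        printf("%s %s\n", a, b);
    char *h = format_id_alloc(1000);
    if (h != NULL) { printf("%s\n", h); free(h); }
    return 0;
}
```

GCC reports the flawed form with `-Wreturn-local-addr` and Clang with `-Wreturn-stack-address`; building with those warnings treated as errors stops the pattern at compile time.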
Related CWEs
CWE ID  View ID  Nature      Ordinal
758     1000     ChildOf     Primary
672     1000     CanPrecede
825     1000     CanPrecede
Related CVEs