Out-of-bounds Write
A buffer write that lands outside the allocated bounds, corrupting memory and enabling exploitation. Almost exclusively a C/C++ vulnerability.
GateTest coverage
Not directly covered today. GateTest focuses on web-stack languages and infrastructure-as-code. For this class of bug, pair GateTest with a C/C++-aware analyzer.
Example
strcpy(buffer, user_input) where buffer is 256 bytes and user_input is 1 KB.
How to fix it
Use memory-safe languages (Rust, Go) or bounded-copy APIs (strncpy_s, memcpy_s). GateTest does not currently scan C/C++ source — for that, pair us with a tool like CodeQL or AFL.
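The strcpy() case from the example above beside a bounded replacement, as an added illustration that is not GateTest's code. The 256-byte buffer and 1 KB input match the example; the canary struct, the function names and the test inputs are constructed for this demonstration. It checks the length explicitly and copies with memcpy() rather than calling strncpy_s()/memcpy_s(), because those C11 Annex K functions are not shipped by glibc, so the explicit check is the portable form of the same fix.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 256u   /* the 256-byte buffer from the page's example */

/* The pattern from the page: strcpy() stops only at a NUL byte, so a 1 KB
 * user_input overruns the 256-byte buffer and writes past its end (CWE-787).
 * Kept here for contrast only; it is never called with oversized input. */
void copy_unbounded(char buffer[BUF_SIZE], const char *user_input)
{
    strcpy(buffer, user_input);
}

/* Measures a string without reading more than max bytes, so an unterminated
 * input cannot cause an over-read while we decide whether it fits. */
static size_t bounded_length(const char *s, size_t max)
{
    size_t n = 0;
    while (n < max && s[n] != '\0') {
        n++;
    }
    return n;
}

/* Hardened copy: the input must fit together with its terminating NUL, else
 * it is rejected. Returns true on success; on failure the buffer is left as
 * an empty string so callers never see stale or partial data. */
bool copy_bounded(char *buffer, size_t buffer_size, const char *user_input)
{
    if (buffer == NULL || buffer_size == 0) {
        return false;
    }
    if (user_input == NULL) {
        buffer[0] = '\0';
        return false;
    }
    size_t len = bounded_length(user_input, buffer_size);
    if (len >= buffer_size) {   /* too long, or no NUL within buffer_size */
        buffer[0] = '\0';
        return false;
    }
    memcpy(buffer, user_input, len);
    buffer[len] = '\0';
    return true;
}

/* A 256-byte buffer followed by a canary word (constructed for the demo):
 * any write past the buffer lands on the canary, so it can be checked. */
struct guarded {
    char buffer[BUF_SIZE];
    unsigned int canary;
};
#define CANARY_VALUE 0xC0FFEEu

/* Copies input into a guarded buffer. Returns 1 when copy_bounded() gave the
 * expected verdict and the canary survived, 0 otherwise. */
static int check_copy(const char *input, bool expect_accept)
{
    struct guarded g;
    memset(&g, 0, sizeof g);
    g.canary = CANARY_VALUE;
    bool accepted = copy_bounded(g.buffer, sizeof g.buffer, input);
    if (accepted != expect_accept || g.canary != CANARY_VALUE) {
        return 0;
    }
    /* on acceptance the copy must be exact; on rejection the buffer is empty */
    return accepted ? strcmp(g.buffer, input) == 0 : g.buffer[0] == '\0';
}

/* Constructed input: 1 KB of 'A' (the oversized user_input from the page). */
int demo_oversized_rejected(void)
{
    char big[1024];
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    return check_copy(big, false);
}

/* Constructed input that fits comfortably. */
int demo_fits_copied(void)
{
    return check_copy("hello", true);
}

/* Off-by-one boundary: 255 characters plus NUL fit; 256 characters do not. */
int demo_exact_boundary(void)
{
    char fits[BUF_SIZE], toolong[BUF_SIZE + 1];
    memset(fits, 'B', BUF_SIZE - 1);
    fits[BUF_SIZE - 1] = '\0';
    memset(toolong, 'C', BUF_SIZE);
    toolong[BUF_SIZE] = '\0';
    return check_copy(fits, true) && check_copy(toolong, false);
}

int main(void)
{
    printf("1 KB input rejected, canary intact: %d\n", demo_oversized_rejected());
    printf("short input copied exactly:         %d\n", demo_fits_copied());
    printf("255 fits / 256 rejected:            %d\n", demo_exact_boundary());
    return 0;
}
```

The rejection branch is the part worth copying: a bounded copy that silently truncates (as plain strncpy() does, and without guaranteeing a NUL) turns an overflow into a different bug, whereas refusing the input and reporting it keeps the caller's error handling in control. A fuzzer such as AFL with AddressSanitizer enabled will flag the copy_unbounded() variant immediately on oversized input, which is the kind of tool the paragraph above recommends pairing with GateTest.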
Frequently asked questions
What is CWE-787 (Out-of-bounds Write)?
A buffer write that lands outside the allocated bounds, corrupting memory and enabling exploitation. Almost exclusively a C/C++ vulnerability.
How do I fix out-of-bounds write?
Use memory-safe languages (Rust, Go) or bounded-copy APIs (strncpy_s, memcpy_s). GateTest does not currently scan C/C++ source — for that, pair us with a tool like CodeQL or AFL.
Does GateTest detect CWE-787?
Not directly today. GateTest focuses on web-stack languages (JavaScript, TypeScript, Python, Go, Java, Ruby, PHP) and infrastructure-as-code. Out-of-bounds Write is most relevant to C / C++ code. For full coverage of this class, pair GateTest with CodeQL or a memory-safety analyzer.
What rank is Out-of-bounds Write in the CWE Top 25?
Out-of-bounds Write is ranked #1 in the MITRE 2023 CWE Top 25 Most Dangerous Software Weaknesses list. The ranking reflects both prevalence (how often it appears in real CVEs) and severity (the typical impact when it's exploited).