CWE-825

Expired Pointer Dereference

The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.

Mitigation

Phase: Architecture and Design

Description:

  • Choose a language that provides automatic memory management.
Mitigation

Phase: Implementation

Description:

  • When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.

No CAPEC attack patterns related to this CWE.

Back to CWE stats page