Avoid Objects having exposed pointers allowed to access unmanaged memory

Rule Definition
For an application, if the pointers are exposed malicious code can change the value of the pointer, potentially allowing access to arbitrary locations in memory or causing application or system failures.

Remediation
try and always have these pointers as read-only, internal, or private.

Violation Code Sample

using System; namespace SecurityRulesLibrary { public class ExposedPointers { // Violation. The pointers should not be visibles public IntPtr Pointer1; public UIntPtr Pointer2; }

Fixed Code Sample

using System; namespace SecurityRulesLibrary { public class ExposedPointers { // Violation Corrected internal UIntPtr Pointer1; private UIntPtr privatePointer2; } }

Reference

http://msdn.microsoft.com/en-us/library/ms182306.aspx

Related Technologies
.Net

Health Factor

Security

Technical Criterion
CWE-788 - Access of Memory Location After End of Buffer

About CAST Appmarq

CAST Appmarq is by far the biggest repository of data about real IT systems. It's built on thousands of analyzed applications, made of 35 different technologies, by over 300 business organizations across major verticals. It provides IT Leaders with factual key analytics to let them know if their applications are on track.

Benchmark Statistics

Global Compliance

99.93%

Total Violations

600

Total Opportunities

880,638

Average Violations / App.

1.89

The compliance score represents 1 minus the ratio between the number of times a rule has been violated compared to the number of opportunities in a set of applications that the rule could have been violated.

Industry Insights

Telecommunications

99.72%

Select from drop-down

99.95%

Software ISV

99.92%

Want more stats? Register now!