SQ14129
Detected Windows executable files that do not implement static cast vulnerability mitigation protection.
priority | CI/CD status | severity | effort | SAFE level | SAFE assessment |
---|---|---|---|---|---|
None | pass | low | medium | None | None |
About the issue
Static Cast Guard (CastGuard) protects control-flow integrity by preventing type confusion that may occur during a pointer cast. Higher-level programming languages organize code into classes that may inherit types and interfaces from other classes. To keep track of this hierarchy of type inheritance, a special table called the Virtual Function Table (vftable) is created during compilation. This mitigation reorganizes the vftable entries into a list sorted by class inheritance relationship. To enforce safe type casting at runtime, each pointer cast is range-checked to ensure that the conversion is only performed between compatible types. Any type incompatibility detected during a cast causes the application to terminate, which makes malicious code less likely to execute.
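To make the range check concrete, here is an added C++ model of the idea (example code written for this page, not part of Spectra Assure or of the Microsoft compiler implementation). The class hierarchy, the numeric type ids and the `guarded_cast` helper are all constructed for the example: classes are numbered in depth-first inheritance order so that every class's subtree occupies a contiguous id range, and a downcast is accepted only if the object's runtime id lies inside the target class's range. A real CastGuard build terminates the process instead of throwing.

```cpp
// Added example: a model of a CastGuard-style range-checked downcast.
// Not the compiler's implementation; the ids, spans and classes are constructed.
#include <cstdint>
#include <stdexcept>
#include <string>

// Runtime type descriptor: the class's position in the depth-first ordering of
// the hierarchy and the number of classes in its subtree (itself included).
struct TypeRange {
    uint32_t id;
    uint32_t span;
};

// Constructed hierarchy and its depth-first numbering:
//   Shape(0, span 5)
//   |-- Circle(1, span 1)
//   `-- Polygon(2, span 3)
//       |-- Triangle(3, span 1)
//       `-- Square(4, span 1)
struct Shape {
    virtual ~Shape() = default;
    virtual TypeRange type() const { return {0, 5}; }
    virtual std::string name() const { return "Shape"; }
};
struct Circle : Shape {
    TypeRange type() const override { return {1, 1}; }
    std::string name() const override { return "Circle"; }
    double radius = 1.0;
};
struct Polygon : Shape {
    TypeRange type() const override { return {2, 3}; }
    std::string name() const override { return "Polygon"; }
    int sides = 0;
};
struct Triangle : Polygon {
    TypeRange type() const override { return {3, 1}; }
    std::string name() const override { return "Triangle"; }
    Triangle() { sides = 3; }
};
struct Square : Polygon {
    TypeRange type() const override { return {4, 1}; }
    std::string name() const override { return "Square"; }
    Square() { sides = 4; }
};

// The target's range is known statically at each cast site; a compiler would
// embed these constants next to the cast instead of looking them up.
template <typename T> TypeRange static_range();
template <> TypeRange static_range<Shape>()    { return {0, 5}; }
template <> TypeRange static_range<Circle>()   { return {1, 1}; }
template <> TypeRange static_range<Polygon>()  { return {2, 3}; }
template <> TypeRange static_range<Triangle>() { return {3, 1}; }
template <> TypeRange static_range<Square>()   { return {4, 1}; }

// True when an object whose runtime range is `actual` may be used as the
// `target` type: one unsigned subtraction and one comparison. Because ids are
// unsigned, an id smaller than target.id wraps around and fails the check.
inline bool cast_in_range(TypeRange actual, TypeRange target) {
    return actual.id - target.id < target.span;
}

// Unchecked downcast: this is the pattern the mitigation hardens. If `p` does
// not actually point to a T, every later field access is type confusion.
template <typename T>
T* unchecked_cast(Shape* p) { return static_cast<T*>(p); }

// Checked downcast: same static_cast, but only after the range check passes.
template <typename T>
T* guarded_cast(Shape* p) {
    if (p == nullptr) return nullptr;
    TypeRange actual = p->type();
    TypeRange target = static_range<T>();
    if (!cast_in_range(actual, target)) {
        throw std::runtime_error("type confusion: " + p->name() + " (id " +
                                 std::to_string(actual.id) + ") is outside target range [" +
                                 std::to_string(target.id) + ", " +
                                 std::to_string(target.id + target.span) + ")");
    }
    return static_cast<T*>(p);
}

// Small probes so the behaviour can be checked without undefined behaviour.
bool square_to_polygon_allowed() {
    Square s;
    return guarded_cast<Polygon>(&s) != nullptr;
}
bool circle_to_polygon_blocked() {
    Circle c;  // sibling of Polygon: sharing a base is not enough
    try { guarded_cast<Polygon>(&c); } catch (const std::runtime_error&) { return true; }
    return false;
}
bool polygon_to_triangle_blocked() {
    Polygon p;  // a base object is not an instance of its derived class
    try { guarded_cast<Triangle>(&p); } catch (const std::runtime_error&) { return true; }
    return false;
}
```

The contrast to notice is that `unchecked_cast<Polygon>` on a `Circle` compiles and runs, after which `sides` aliases the bytes of `radius`; `guarded_cast` rejects the same cast with a single range comparison, which is why the mitigation is cheap enough to apply at every cast site.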
How to resolve the issue
- To enable this mitigation, refer to your programming language toolchain documentation.
- In Microsoft Visual Studio, you can enable cast guard mitigation by passing the /d2CastGuard parameter to the compiler and linker.
Incidence statistics
ReversingLabs periodically collects and analyzes the contents of popular software package repositories for threat research purposes. Analysis results are used to calculate incidence statistics for issues (policy violations) that Spectra Assure can detect in software packages.
This section is updated when new data becomes available.
Total number of packages analyzed
- RubyGems: 183K
- NuGet: 644K
- PyPI: 628K
- NPM: 3.72M
Recommended reading
- CastGuard: Mitigating Type Confusion in C++ (External resource - BlackHat)
- Virtual method table (vftable) (External resource - Wikipedia)