CWE Top 25 — #17

Buffer Overflow

CWE-119

Writes past the end of a buffer. Classic memory-safety bug; almost always C/C++.

GateTest coverage

Not directly covered today. GateTest focuses on web-stack languages and infrastructure-as-code. For this class of bug, pair GateTest with a C/C++-aware analyzer.

Example

char dst[16]; strcpy(dst, user_input); /* no length check: any input of 16 bytes or more (plus the terminating NUL) writes past dst */

How to fix it

Use a memory-safe language, or in C/C++ use bounded-copy APIs that take the destination size and always NUL-terminate. GateTest does not scan C/C++.
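The page's one-line bug beside a bounded replacement, as an added example (not GateTest's own code). The vulnerable call is kept as written; `copy_bounded` is a hypothetical helper that takes the destination size, truncates instead of overrunning, and reports whether the input fit.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The page's snippet as a function: strcpy never looks at the size of dst,
 * so any input of 16 bytes or more (plus NUL) runs past the buffer (CWE-119). */
void copy_unbounded(char dst[16], const char *user_input) {
    strcpy(dst, user_input);            /* no length check */
}

/* Hardened version (assumed helper, not a library call): copy at most
 * dst_size - 1 bytes and always NUL-terminate. Unlike strncpy, this never
 * leaves dst unterminated. Returns 1 if the whole input fit, 0 if truncated. */
int copy_bounded(char *dst, size_t dst_size, const char *src) {
    if (dst_size == 0) return 0;
    /* Look for the terminator only inside the first dst_size bytes of src,
     * so an over-long or unterminated input is never read past that point. */
    const char *end = memchr(src, '\0', dst_size);
    size_t n = end ? (size_t)(end - src) : dst_size;
    if (n >= dst_size) {                /* too long: truncate and report it */
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return 0;
    }
    memcpy(dst, src, n + 1);            /* n < dst_size, so the NUL fits */
    return 1;
}

int main(void) {
    char dst[16];
    /* constructed inputs: one that fits, one that would overrun a 16-byte dst */
    const char *short_input = "hello";
    const char *long_input  = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; /* 32 'A's */

    copy_bounded(dst, sizeof dst, short_input);
    printf("%s\n", dst);
    int fit = copy_bounded(dst, sizeof dst, long_input);
    printf("%s (fit=%d, kept %zu chars)\n", dst, fit, strlen(dst));
    return 0;
}
```

The same 32-byte input passed to `copy_unbounded` would write 17 bytes beyond `dst`; the bounded version keeps 15 and signals the truncation so the caller can reject the input rather than silently use a shortened value.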

Frequently asked questions

What is CWE-119 (Buffer Overflow)?

Writes past the end of a buffer. Classic memory-safety bug; almost always C/C++.

How do I fix buffer overflow?

Use a memory-safe language, or in C/C++ use bounded-copy APIs that take the destination size and always NUL-terminate. GateTest does not scan C/C++.

Does GateTest detect CWE-119?

Not directly today. GateTest focuses on web-stack languages (JavaScript, TypeScript, Python, Go, Java, Ruby, PHP) and infrastructure-as-code. Buffer Overflow is most relevant to C / C++ code. For full coverage of this class, pair GateTest with CodeQL or a memory-safety analyzer.

What rank is Buffer Overflow in the CWE Top 25?

Buffer Overflow is ranked #17 in the MITRE 2023 CWE Top 25 Most Dangerous Software Weaknesses list. The ranking reflects both prevalence (how often it appears in real CVEs) and severity (the typical impact when it's exploited).

Related CWEs