CWE-1087: Class with Virtual Method without a Virtual Destructor
Learn about CWE-1087 (Class with Virtual Method without a Virtual Destructor), its security impact, exploitation methods, and prevention guidelines.
What is Class with Virtual Method without a Virtual Destructor?
• Overview: A class with a virtual method should also have a virtual destructor to ensure proper cleanup of resources. Without a virtual destructor, derived class destructors might not be called, leading to resource leaks or undefined behavior.
• Exploitation Methods:
- Attackers could exploit this by forcing the program into an undefined state, potentially crashing it or causing unexpected behavior.
- Common attack patterns involve manipulating object lifecycles, especially in scenarios involving dynamic polymorphism and object slicing.
• Security Impact:
- Direct consequences include resource leaks, such as memory leaks, which can degrade system performance or stability.
- Potential cascading effects involve undefined behavior, which could be leveraged to bypass security controls.
- Business impact includes increased maintenance costs, system downtime, and potential data integrity issues.
• Prevention Guidelines:
- Specific code-level fixes include declaring destructors as virtual in any base class with virtual methods.
- Security best practices involve regularly reviewing and updating code to ensure all polymorphic base classes have virtual destructors.
- Recommended tools and frameworks include static analysis tools that check for virtual destructor presence, such as Clang Static Analyzer or Cppcheck.
Technical Details
Likelihood of Exploit: Not specified
Affected Languages: Not specified
Affected Technologies: Not specified