Table of contents:
Issue
A position outside the bounds of the array memory is being accessed which results in undefined behavior most likely causing invalid memory accesses and crashes.
Relevance
An array is essentially a collection of items that can be randomly accessed through an integer index. Obviously, only a subset of the possible integer values will correspond to array element positions; accessing an array using index values outside that subset will access a memory position not associated with any array element. This is called an out-of-memory-bounds access and has undefined behavior in C/C++, most likely causing invalid memory accesses and crashes.
Actions
Fix the array access so that only positions within the array memory bounds are accessed.
Code example
The following code uses an integer index ranging from 1 to 100 to access the array A:
void foo() {
int A[100];
for (int i = 0; i < 100; i++) {
A[i + 1] = 1;
}
}
This is incorrect since the array positions range from 0 to 99. Thus, the array access must be fixed, for instance by changing the array reference from A[i+1] to A[i]:
void foo() {
int A[100];
for (int i = 0; i < 100; i++) {
A[i] = 1;
}
}
Related resources
References
- CWE – CWE-125: Out-of-bounds Read (4.2) [last checked October 2020]
- Index checking – Bounds checking [last checked October 2020]
Join Parallelware Analyzer Early Access
Enter the program to have access to all versions of Parallelware Analyzer until the official release.