ARR-neg-index
Synopsis
An array is accessed with a negative subscript value.
Enabled by default
Yes
Severity/Certainty
High/High

Full description
An array is accessed with a negative subscript value, causing an illegal memory access. This might corrupt data and/or crash the application, and result in security vulnerabilities. This check is identical to CERT-ARR30-C_e.
Coding standards
- CERT ARR30-C
Do not form or use out of bounds pointers or array subscripts
- CWE 120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- CWE 124
Buffer Underwrite ('Buffer Underflow')
- CWE 127
Buffer Under-read
Code examples
The following code example fails the check and will give a warning:
void foo(int n)
{
    int x[n];
    int i = 0;
    if (i == 0)
        i--;
    x[i] = 5; // i is -1 at this point: negative subscript
}
The following code example passes the check and will not give a warning about this issue:
void foo(int n)
{
    int x[n];
    int i = 5;
    if (i == 0)
        i--;
    x[i] = 5; // OK for this check, since i stays 5 (non-negative)
}
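The following is an added example, not part of the checker documentation: the same control flow as the failing example above, but with the subscript validated against both bounds before the store, so the -1 produced by the decrement is rejected instead of written before the start of the array. The function and parameter names are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical guard: true only when 0 <= i < n (ARR30-C style). */
static bool index_in_bounds(long i, size_t n)
{
    return i >= 0 && (size_t)i < n;
}

/* Guarded store: writes x[i] = v only for a valid subscript. */
static bool store_checked(int *x, size_t n, long i, int v)
{
    if (!index_in_bounds(i, n))
        return false;          /* refuse the illegal access */
    x[i] = v;
    return true;
}

/* Same control flow as the failing example: i becomes -1, but the
 * guarded store rejects it instead of underflowing the array. */
bool foo_negative_guarded(void)
{
    int x[8] = {0};            /* constructed sample array */
    long i = 0;
    if (i == 0)
        i--;                   /* i is now -1 */
    return store_checked(x, 8, i, 5);
}

/* Same control flow as the passing example: i stays 5, within x[8]. */
bool foo_positive_guarded(void)
{
    int x[8] = {0};
    long i = 5;
    if (i == 0)
        i--;
    return store_checked(x, 8, i, 5);
}

int main(void)
{
    printf("i = -1 rejected: %s\n", foo_negative_guarded() ? "no" : "yes");
    printf("i = 5 accepted:  %s\n", foo_positive_guarded() ? "yes" : "no");
    return 0;
}
```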