
IAR Embedded Workbench for RL78 5.20

ARR-neg-index

Synopsis

An array is accessed with a negative subscript value.

Enabled by default

Yes

Severity/Certainty

High/High

Full description

An array is accessed with a negative subscript value, causing an illegal memory access. This might corrupt data and/or crash the application, and result in security vulnerabilities. This check is identical to CERT-ARR30-C_e.

Coding standards
CERT ARR30-C

Do not form or use out of bounds pointers or array subscripts

CWE 120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE 124

Buffer Underwrite ('Buffer Underflow')

CWE 127

Buffer Under-read

Code examples

The following code example fails the check and will give a warning:

void foo(int n)
{
  int x[n];
  int i = 0;
  if (i == 0)
    i--;
  x[i] = 5; //i is -1 at this point
}

The following code example passes the check and will not give a warning about this issue:

void foo(int n)
{
  int x[n];
  int i = 5;
  if (i == 0)
    i--;
  x[i] = 5;  //OK, since i is still 5 (not negative)
}
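
In practice a negative subscript commonly arrives through a "not found" sentinel such as -1 returned by a lookup, rather than through a literal decrement. The following is an added example, not part of the IAR documentation; the slot table, function names and sample IDs are all constructed for illustration. It shows an unchecked store beside checked store and load routines.

```c
#include <stddef.h>
#include <stdint.h>

#define SLOT_COUNT 8
#define SLOT_NOT_FOUND (-1)

/* Constructed sample data: device IDs and one value slot per ID. */
static const uint8_t slot_ids[SLOT_COUNT] = {0x10, 0x11, 0x12, 0x13, 0x20, 0x21, 0x22, 0x23};
static int16_t slot_values[SLOT_COUNT];

/* Returns the slot index for id, or SLOT_NOT_FOUND (-1) if id is unknown. */
static int find_slot(uint8_t id)
{
  for (int i = 0; i < SLOT_COUNT; i++) {
    if (slot_ids[i] == id)
      return i;
  }
  return SLOT_NOT_FOUND;
}

/* Unchecked form: an unknown id makes the subscript -1, so the store
   lands before slot_values[0] (buffer underwrite, CWE 124). */
void store_unchecked(uint8_t id, int16_t value)
{
  int i = find_slot(id);
  slot_values[i] = value;
}

/* Checked form: reject the sentinel and any other out-of-range index
   before it is used as a subscript. Returns 0 on success, -1 on failure. */
int store_checked(uint8_t id, int16_t value)
{
  int i = find_slot(id);
  if (i < 0 || i >= SLOT_COUNT)
    return -1;
  slot_values[i] = value;
  return 0;
}

/* Checked read: the same guard prevents an under-read (CWE 127). */
int load_checked(uint8_t id, int16_t *out)
{
  int i = find_slot(id);
  if (i < 0 || i >= SLOT_COUNT || out == NULL)
    return -1;
  *out = slot_values[i];
  return 0;
}
```
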