CXX.SUSPICIOUS_INDEX_CHECK

The CXX.SUSPICIOUS_INDEX_CHECK checker reports a defect when the check that guards an array access is suspicious: it constrains the index, but not tightly enough to exclude every out-of-range value, as when the index is compared against a constant larger than the array's size.

Vulnerability and risk

If an array is accessed with an index that is outside the array's bounds, the read or write touches memory adjacent to the array, which can lead to data corruption, misbehavior, or a crash.

Mitigation and prevention

Before accessing an array at a computed index, check the index against the array's actual size (both index >= 0 and index < size), preferably using the same constant or expression that declares the array rather than a separately typed literal.

Vulnerable code example

int get_index(); // some function returning an index (not shown)

void foo() {
    const int SIZE = 10;
    int arr[SIZE];            // valid indices are 0 .. SIZE-1, i.e. 0 .. 9
    int index = get_index();

    if (index >= 12) {        // suspicious: 12 is not the size of arr
        return;
    }

    arr[index] = 0;           // still reached when index is 10 or 11: out of bounds
}

Klocwork reports CXX.SUSPICIOUS_INDEX_CHECK at the array access arr[index] = 0; to warn users about the suspicious check if (index >= 12) that precedes it.

The check only returns early for values of 12 or more, so the array access is still reached when index is 10 or 11. Since arr has only 10 elements (valid indices 0 to 9), either value writes past the end of the array, which is a buffer overflow.

Fixed code example

int get_index(); // some function returning an index (not shown)

void foo() {
    const int SIZE = 10;
    int arr[SIZE];            // valid indices are 0 .. 9
    int index = get_index();

    if (index >= 9) {         // only values below 9 reach the write
        return;
    }

    arr[index] = 0;           // cannot write past the end of arr
}

A buffer overflow past the end of arr is no longer possible: the constraint "index >= 9" rejects every index of 9 or more, so the write arr[index] = 0; executes only for values below 9, all of which lie within the 10-element array. Note that this check is conservative (index 9 would also be valid) and that it does not reject negative values of index; a check of the form index < 0 || index >= SIZE covers both ends of the range.
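The following C program, added here as an illustration and not part of the original Klocwork page, makes the mitigation advice and the two examples above concrete. It models the page's guard (if (index >= limit) return;) as a predicate, puts a complete bound check beside it, and wraps the array write so that an invalid index never touches memory. The names page_guard_admits, in_bounds, bounded_store, foo_checked and the constant ARR_SIZE are assumptions chosen for this example; the probe values are constructed to cover both ends of the range.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical constant standing in for the page's SIZE of 10. */
#define ARR_SIZE 10

/* The guard used on this page: `if (index >= limit) return;`
 * Returns true when that guard lets the access through.
 * With limit 12 it admits 10 and 11; with limit 9 it still admits -1. */
bool page_guard_admits(int index, int limit) {
    return !(index >= limit);
}

/* Complete bound check: index must lie in [0, n). Rejects negatives too. */
bool in_bounds(int index, size_t n) {
    return index >= 0 && (size_t)index < n;
}

/* Store value at arr[index] only if the index is valid for an array of n
 * elements. Returns false, without touching memory, otherwise. */
bool bounded_store(int *arr, size_t n, int index, int value) {
    if (!in_bounds(index, n)) {
        return false;
    }
    arr[index] = value;
    return true;
}

/* Counterpart of the page's foo(): the bound is derived from the array's own
 * declared size rather than a separately typed literal such as 12 or 9. */
bool foo_checked(int index) {
    int arr[ARR_SIZE] = {0};
    return bounded_store(arr, sizeof arr / sizeof arr[0], index, 0);
}

int main(void) {
    /* Constructed probe values around the edges of a 10-element array. */
    int probes[] = {-1, 0, 9, 10, 11, 12};
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++) {
        int idx = probes[i];
        printf("index %3d: guard>=12 %s, guard>=9 %s, in_bounds %s\n", idx,
               page_guard_admits(idx, 12) ? "admits" : "rejects",
               page_guard_admits(idx, 9)  ? "admits" : "rejects",
               in_bounds(idx, ARR_SIZE)   ? "ok"     : "bad");
    }
    return 0;
}
```

Running the program lists which probe values each guard lets through: the vulnerable guard admits 10 and 11, the fixed guard rejects those but still admits -1, and in_bounds accepts exactly 0 through 9. Taking the size from sizeof arr / sizeof arr[0] keeps the check and the declaration from drifting apart if the array is later resized.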

Security training

Application security training materials provided by Secure Code Warrior.