CXX.SUSPICIOUS_INDEX_CHECK.ZERO

The CXX.SUSPICIOUS_INDEX_CHECK.ZERO checker finds defects when a suspicious index check against zero is present before accessing an array, but the index value is not checked against the upper array boundary.

Vulnerability and risk

If an array is accessed by an index that is beyond the array’s size, it can lead to data corruption, misbehavior, or crashing.

Mitigation and prevention

To prevent buffer overflow, check that the index is within the lower and upper boundary range limit before accessing an array at a specific index.

Vulnerable code example

1
2
3
4
5
6
7
8
9
10
11
int get_index();
void foo() 
{
    int err = 0;
    const int SIZE = 10;
    int arr[SIZE];
    int index = get_index();
    if (index > 0) {
        arr[index]=10;
    }
}

Since there is a suspicious index check against zero present before accessing an array, but the index value is not checked against the upper array boundary, Klocwork reports CXX.SUSPICIOUS_INDEX_CHECK.ZERO at line 9 to warn users about the suspicious index check on line 8.

Fixed code example

1
2
3
4
5
6
7
8
9
10
11
int get_index();
void foo()
{
    int err = 0;
    const int SIZE = 10;
    int arr[SIZE];
    int index = get_index();
    if (index >= 0 && index < 10) {
        arr[index] = 10;
    }
}

Buffer overflow is not possible because the constraint "index >= 0 && index < 10" on line 8 rules out all bad behavior.

Related checkers

• ABV.GENERAL
• CXX.SUSPICIOUS_INDEX_CHECK
• CXX.SUSPICIOUS_INDEX_CHECK.CALL
• RABV.CHECK
• RN.INDEX

External guidance

• CWE-124: Buffer Underwrite ('Buffer Underflow')
• CWE-125: Out-of-bounds Read
• CWE-787: Out-of-bounds Write
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

Security training

Application security training materials provided by Secure Code Warrior.

• Buffer Overflow Training Video - Test your skills with a training example