...
Do not pass an out-of-range value as an argument to std::string::opperatoroperator[](). Similarly, do not call std::string::back() or std::string::front() on an empty string. This rule is a specific instance of CTR50-CPP. Guarantee that container indices and iterators are within the valid range.
...
Unchecked element access can lead to out-of-bound reads and writes and write-anywhere exploits. These exploits can, in turn, lead to the execution of arbitrary code with the permissions of the vulnerable process.
Rule | Severity | Likelihood | Detectable |
|---|
Repairable | Priority | Level |
|---|---|---|
STR53-CPP | High | Unlikely |
No | No |
P3 |
L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| assert_failure | |||||||
| CodeSonar |
| LANG.MEM.BO | Buffer overrun Buffer underrun Tainted buffer access Type overrun Type underrun | ||||||
| Helix QAC |
| C++3162, C++3163, C++3164, C++3165 | |||||||
| Parasoft C/C++test |
| CERT_CPP-STR53-a | Guarantee that container indices are within the valid range | |||||||
| Polyspace Bug Finder |
| CERT C++: STR53-CPP | Checks for:
Rule partially covered. |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| SEI CERT C++ Coding Standard | CTR50-CPP. Guarantee that container indices and iterators are within the valid range |
Bibliography
| [ISO/IEC 14882-2014] | Subclause 21.4.5, " |
| [Seacord 2013] | Chapter 2, "Strings" |
...
...