Page History

...

Using an invalid array or container index can result in an arbitrary memory overwrite or abnormal program termination.

Rule	Severity	Likelihood	Detectable	RepairableRemediation Cost	Priority	Level
CTR50-CPP	High	Likely	No	NoHigh	P9	L2

Automated Detection

2891, 3051, 3139, 3140

Tool

Version

Checker

Description

Astrée

Include Page

	Astrée_V
	Astrée_V

overflow_upon_dereference

CodeSonar

Include Page

	CodeSonar_V
	CodeSonar_V

LANG.MEM.BO
LANG.MEM.BU
LANG.MEM.TO
LANG.MEM.TU
LANG.MEM.TBA
LANG.STRUCT.PBB
LANG.STRUCT.PPE
LANG.STRUCT.PARITH

Buffer overrun
Buffer underrun
Type overrun
Type underrun
Tainted buffer access
Pointer before beginning of object
Pointer past end of object
Pointer Arithmetic

Helix QAC

Include Page

	Helix QAC_V
	Helix QAC_V

C++3139, C++3140

DF2891

Klocwork

Include Page

	Klocwork_V
	Klocwork_V

ABV.ANY_SIZE_ARRAY
ABV.GENERAL
ABV.GENERAL.MULTIDIMENSION
ABV.NON_ARRAY
ABV.

STACK

STACK
ABV.TAINTED
SV.TAINTED.ALLOC_SIZE
SV.TAINTED.CALL.INDEX_ACCESS
SV.TAINTED.CALL.LOOP_BOUND
SV.TAINTED.INDEX_ACCESS

LDRA tool suite

Include Page

	LDRA_V
	LDRA_V

45 D, 47 S, 476 S, 489 S, 64 X, 66 X, 68 X, 69 X, 70 X, 71 X, 79 X

Partially implemented

Parasoft C/C++test

Include Page

	Parasoft_V
	Parasoft_V

CERT_CPP-CTR50-a

Guarantee that container indices are within the valid range

Polyspace Bug Finder

Include Page

	Polyspace Bug Finder_V
	Polyspace Bug Finder_V

CERT C++: CTR50-CPP

Checks for:

Array access out of bounds
Array access with tainted index
Pointer dereference with tainted offset

Rule partially covered.

PRQA QA-C

4.1

3705, 3706, 3707

PRQA QA-C++

Include Page

PRQA QA-C++_V

PVS-Studio

Include Page

	PVS-Studio_V
	PVS-Studio_V

V781

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

Space shortcuts

Page tree

Versions Compared

Old Version 66

New Version Current

Key

Automated Detection

Related Vulnerabilities