C and C++ do not have built-in bounds checking for array indexing
expressions such as
i is out of
bounds then the program will read/write whatever data happens to be at
that address. An attacker who is able to control the value
i might be able to read or modify data which they are
not authorized to access.
Always check the bounds of array indexing expressions, especially if the index value is derived from user-controlled data.
In this example, a string is read from a socket and converted to
int is then used to index
data array. Because the index value is a
user-controlled value, it could be out of bounds.
Below, the problem has been fixed by adding a guard:
- Common Weakness Enumeration: CWE-129.