Unchecked array indexing

Revision as of 20:20, 30 May 2009 by Deleted user (Talk | contribs)

Jump to: navigation, search

[http://s1.shard.jp/olharder/automation-control.html quebec autoroutes ] [http://s1.shard.jp/galeach/new162.html asian escort girl london ] [http://s1.shard.jp/frhorton/9nls8flts.html african american pioneer ] [http://s1.shard.jp/frhorton/sfzdbdq5w.html south africa embassy uk ] [http://s1.shard.jp/olharder/email-promotions.html automation business international management marketing ] michigan auto recyclers [http://s1.shard.jp/bireba/airscanner-mobile.html nortun antivirus ] [http://s1.shard.jp/olharder/cheat-sheets.html used tomy autoclave ] [http://s1.shard.jp/galeach/new113.html euthanasia conclusion ] [http://s1.shard.jp/galeach/new42.html sexy asians.com ] [http://s1.shard.jp/galeach/new173.html cute asian schoolgirls ] [http://s1.shard.jp/frhorton/x5dh8y75v.html african american development human theory ] [http://s1.shard.jp/bireba/alertas-antivirus.html avgfreeantivirus ] [http://s1.shard.jp/olharder/browning-semi.html bvlgari automatic watch ] african american appointed court first supreme us [http://s1.shard.jp/losaul/bmw-australia.html largest deserts in australia ] [http://s1.shard.jp/frhorton/po4uhk6ve.html african tick bird giraffe ] [http://s1.shard.jp/olharder/amortization-of.html grand theft auto san andreas wallpaper ] [http://s1.shard.jp/olharder/automobile-accident.html coffee maker with auto shut off ] [http://s1.shard.jp/olharder/used-automobile.html dioguardi auto sales ] [http://s1.shard.jp/frhorton/3l1e7cosa.html institute of purchasing and supply south africa ] [http://s1.shard.jp/bireba/symantec-norton.html top antivirus for 2005 ] [http://s1.shard.jp/galeach/new131.html asian escort girl ] [http://s1.shard.jp/bireba/antivirus-firewall.html mcafee home free antivirus ] african influence on music [http://s1.shard.jp/losaul/simple-plan.html australia online car insurance quote ] [http://s1.shard.jp/olharder/12-auto-become-br.html auto trader bikes ] [http://s1.shard.jp/bireba/symantec-antivirus.html nortan antivirus 2005 serial key ] [http://s1.shard.jp/losaul/australia-food-product.html australia food picture ] [http://s1.shard.jp/bireba/manually-updating.html ez antivirus cracks ] [http://s1.shard.jp/frhorton/tiwomyd3z.html scholarships for african american females ] link [http://s1.shard.jp/galeach/new125.html asian skin xanga ] asiaticas ardientes index [http://s1.shard.jp/frhorton/h4xwn2n8q.html africa map of mineral ] [http://s1.shard.jp/losaul/medical-textbooks.html australian company mining uranium ] [http://s1.shard.jp/bireba/northon-antivirus.html norton antivirus software for free download ] [http://s1.shard.jp/losaul/buffy-convention.html dementia and early intervention in australia ] [http://s1.shard.jp/olharder/auto-copart-sale.html auto tuning.cz ] [http://s1.shard.jp/frhorton/gcc5hqqy1.html historic earthquakes in africa ] [http://s1.shard.jp/olharder/lisa-lopez-autopsy.html reno auto rental ] [http://s1.shard.jp/bireba/antivirus-checking.html norton antivirus downloads free ] [http://s1.shard.jp/galeach/new128.html asian institute of medical science and technology ] link [http://s1.shard.jp/olharder/auto-insurance.html high performance automatic transmission ] [http://s1.shard.jp/frhorton/zgxfpsa75.html african american author ] [http://s1.shard.jp/bireba/winantivirus-pro.html antivirus software macafee ] [http://s1.shard.jp/bireba/panda-free-antivirus.html download antivirus programme ] This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.

Last revision (mm/dd/yy): 05/30/2009

Vulnerabilities Table of Contents


Unchecked array indexing occurs when an unchecked value is used as an index into a buffer.


  • Availability: Unchecked array indexing will very likely result in the corruption of relevant memory and perhaps instructions, leading to a crash, if the values are outside of the valid memory area
  • Integrity: If the memory corrupted is data, rather than instructions, the system will continue to function with improper values.
  • Access Control: If the memory corrupted memory can be effectively controlled, it may be possible to execute arbitrary code, as with a standard buffer overflow.

Exposure period

  • Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
  • Implementation: Many logic errors can lead to this condition. It can be exacerbated by lack of or misuse of mitigating technologies.


  • Languages: C, C++, Assembly
  • Operating Platforms: All

Required resources




Likelihood of exploit


Unchecked array indexing, depending on its instantiation, can be responsible for any number of related issues. Most prominent of these possible flaws is the buffer overflow condition. Due to this fact, consequences range from denial of service, and data corruption, to full blown arbitrary code execution

The most common condition situation leading to unchecked array indexing is the use of loop index variables as buffer indexes. If the end condition for the loop is subject to a flaw, the index can grow or shrink unbounded, therefore causing a buffer overflow or underflow. Another common situation leading to this condition is the use of a function's return value, or the resulting value of a calculation directly as an index in to a buffer.

Risk Factors




Related Attacks

Related Vulnerabilities

Related Controls

  • Requirements specification: The choice could be made to use a language that is not susceptible to these issues.
  • Implementation: Include sanity checks to ensure the validity of any values used as index variables. In loops, use greater-than-or-equal-to, or less-than-or-equal-to, as opposed to simply greater-than, or less-than compare statements.

Related Technical Impacts