CWE-118: Incorrect Access of Indexable Resource ('Range Error')
Learn about CWE-118 (Incorrect Access of Indexable Resource ('Range Error')), its security impact, exploitation methods, and prevention guidelines.
What is Incorrect Access of Indexable Resource ('Range Error')?
• Overview: Incorrect Access of Indexable Resource ('Range Error') occurs when a program does not properly enforce boundaries on operations that involve accessing resources like memory or files using an index or pointer. This can lead to accessing unintended memory locations, potentially causing unexpected behaviors or vulnerabilities.
• Exploitation Methods:
- Attackers can exploit this vulnerability by crafting inputs that cause the program to access memory locations outside the intended bounds.
- Common attack patterns include buffer overflow, where data exceeds the allocated space, and out-of-bounds read or write, where the program reads or writes data beyond the intended memory area.
• Security Impact:
- Direct consequences of successful exploitation include program crashes, data corruption, unauthorized data access, and arbitrary code execution.
- Potential cascading effects include compromising system integrity, escalating privileges, and opening backdoors for further attacks.
- Business impact involves potential data breaches, loss of customer trust, regulatory penalties, and financial losses due to system downtime or data loss.
• Prevention Guidelines:
- Specific code-level fixes include implementing boundary checks and input validation to ensure indices and pointers stay within the intended range.
- Security best practices involve using safe functions that automatically handle boundary checking and avoiding unsafe operations like unchecked array accesses.
- Recommended tools and frameworks include static analysis tools to detect potential range errors, compiler options that enforce bounds checking, and adopting languages with built-in safety mechanisms like Rust or using safe libraries in C/C++.
Technical Details
Likelihood of Exploit: Not specified
Affected Languages: Not Language-Specific
Affected Technologies: Not Technology-Specific
Vulnerable Code Example
// Function to retrieve an element from an array using a user-provided index.
function getElementFromArray(arr, index) {
// Vulnerable: No bounds checking on 'index', potential RangeError
return arr[index];
}
// Example usage
const myArray = [10, 20, 30, 40, 50];
console.log(getElementFromArray(myArray, 10)); // This will output 'undefined'
Explanation
In the vulnerable code example, the function getElementFromArray directly accesses an array element using the provided index without checking if the index is valid. This can lead to unexpected behavior, such as returning undefined if the index is out of bounds, or potentially causing a RangeError if further operations assume a valid element.
How to fix Incorrect Access of Indexable Resource ('Range Error')?
To fix this issue in JavaScript, ensure that any index used to access an array is within the array's bounds. This involves checking that the index is non-negative and less than the array's length. Additionally, handling cases where an invalid index might be used is crucial for preventing unexpected behavior.
Best practices include:
- Validating indices before using them to access array elements.
- Implementing error handling to manage invalid indices gracefully.
- Providing feedback to users for invalid input.
Fixed Code Example
// Secure function to safely retrieve an element from an array.
function getElementFromArray(arr, index) {
// Validate index to ensure it is within bounds
if (index >= 0 && index < arr.length) {
return arr[index];
} else {
// Informative error message for out-of-bounds index
throw new RangeError(`Index \${index} is out of bounds for array of length \${arr.length}`);
}
}
// Example usage
const myArray = [10, 20, 30, 40, 50];
try {
console.log(getElementFromArray(myArray, 10));
} catch (error) {
console.error(`Error: \${error.message}`);
}
Explanation
In the fixed code example, the function getElementFromArray includes a check to ensure the index is within valid bounds. If the index is valid, it returns the requested element. Otherwise, it throws a RangeError with a descriptive message, allowing the calling code to handle the error gracefully. This prevents unexpected behavior and enhances the robustness of the application.