Corgea LogoCorgea Security Hub

CWE-129: Improper Validation of Array Index

Learn about CWE-129 (Improper Validation of Array Index), its security impact, exploitation methods, and prevention guidelines.

What is Improper Validation of Array Index?

• Overview: Improper Validation of Array Index occurs when a program uses input from an untrusted source to calculate or use an array index without adequately validating it, leading to potential out-of-bounds access or other undefined behavior.

• Exploitation Methods:

  • Attackers can exploit this vulnerability by providing specially crafted input to manipulate the array index.
  • Common attack patterns include buffer overflows, data corruption, or unexpected application behavior by accessing invalid array positions.

• Security Impact:

  • Direct consequences of successful exploitation include application crashes, arbitrary code execution, or data leakage.
  • Potential cascading effects involve system instability, compromised data integrity, or unauthorized access to sensitive information.
  • Business impact can range from service disruptions to financial loss and damage to the organization's reputation.

• Prevention Guidelines:

  • Specific code-level fixes include implementing bounds checking to ensure that array indices are within valid ranges.
  • Security best practices involve validating all input, using safe functions that manage buffer sizes, and employing exception handling for out-of-bounds scenarios.
  • Recommended tools and frameworks include static analysis tools to detect potential vulnerabilities and using languages or libraries that provide automatic bounds checking.

Corgea can automatically detect and fix Improper Validation of Array Index in your codebase. Try Corgea free today.

Technical Details

Likelihood of Exploit: High

Affected Languages: C, C++, Not Language-Specific

Affected Technologies: Not specified

Vulnerable Code Example

C Example

// This C code demonstrates improper validation of an array index
#include <stdio.h>

void processInput(int index) {
    int numbers[5] = {10, 20, 30, 40, 50};

    // Vulnerable: Index validation is insufficient; only checks for non-negative values
    if (index >= 0) {
        printf("Number: %d\n", numbers[index]); // Potential out-of-bounds access
    } else {
        printf("Invalid index!\n");
    }
}

int main() {
    int userInput;
    printf("Enter an index: ");
    scanf("%d", &userInput);
    processInput(userInput); // User input is directly used without proper validation
    return 0;
}

Explanation

In the vulnerable code, the index is only checked to ensure it is non-negative. This is insufficient because it does not check if the index is less than the size of the array, which can lead to out-of-bounds access if a user enters a value greater than or equal to 5. This can cause undefined behavior, including program crashes or data corruption.

How to fix Improper Validation of Array Index?

Improper validation of an array index can lead to out-of-bounds access, potentially causing crashes or data corruption. The issue arises when user input is used to access an array without ensuring the index is within the valid range of the array.

To fix this vulnerability, ensure that the index is both non-negative and less than the size of the array before accessing it. This prevents out-of-bounds access, which can lead to undefined behavior in C.

Best Practice:

  • Always validate that the index is within the bounds of the array.
  • Consider using constants or macros to define array sizes, which can make your code more maintainable and less error-prone.

Fixed Code Example

// This C code demonstrates proper validation of an array index
#include <stdio.h>

#define ARRAY_SIZE 5

void processInput(int index) {
    int numbers[ARRAY_SIZE] = {10, 20, 30, 40, 50};

    // Fixed: Properly validate the index to ensure it is within array bounds
    if (index >= 0 && index < ARRAY_SIZE) {
        printf("Number: %d\n", numbers[index]); // Safe access within bounds
    } else {
        printf("Invalid index!\n"); // Proper error handling for out-of-bounds index
    }
}

int main() {
    int userInput;
    printf("Enter an index: ");
    scanf("%d", &userInput);
    processInput(userInput); // User input is now safely validated
    return 0;
}

Explanation

In the fixed code, we verify that the index is both non-negative and less than the defined ARRAY_SIZE before accessing the array. This change ensures that all array accesses are within bounds, preventing undefined behavior and enhancing the program's robustness. By using a macro to define the array size, the code becomes more maintainable and less prone to errors.

Corgea Logo

Find this vulnerability and fix it with Corgea

Scan your codebase for CWE-129: Improper Validation of Array Index and get remediation guidance

Start for free and no credit card needed.