Statements (57)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:CEO
|
| gptkbp:bfsLayer |
6
|
| gptkbp:bfsParent |
gptkb:CWE-74
|
| gptkbp:category |
Improper Input Validation
|
| gptkbp:common_name |
Looping through arrays.
|
| gptkbp:countermeasures |
Code reviews.
Use of safe libraries. |
| gptkbp:difficulty |
gptkb:High
|
| gptkbp:education |
Training on secure coding practices.
|
| gptkbp:error_handling |
Off-by-one errors.
|
| gptkbp:example |
for (int i = 0; i <= size; i++) { array[i] = value; }
Array index out of bounds. User input leading to array access. Accessing an array with an index that is not checked against its size. |
| gptkbp:game_components |
Software applications.
|
| gptkbp:has_weakness |
CWE-682
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-129
|
| gptkbp:impact |
Critical.
Application crashes. Potential for buffer overflow or out-of-bounds access. |
| gptkbp:investment |
Data corruption.
|
| gptkbp:is_a_framework_for |
Java Collections Framework.
|
| gptkbp:is_a_tool_for |
Static analysis tools.
|
| gptkbp:is_described_as |
The software does not validate that an index is within the bounds of an array.
|
| gptkbp:is_protected_by |
Implement bounds checking for all array accesses.
Use safe array access functions. |
| gptkbp:is_referenced_in |
https://cwe.mitre.org/data/definitions/129.html
|
| gptkbp:is_tested_for |
Fuzz testing.
Unit tests for array bounds. |
| gptkbp:is_vulnerable_to |
Exploitable in certain conditions.
Improper loop conditions. Out-of-bounds access. |
| gptkbp:issues |
Assuming array indices start at 0.
|
| gptkbp:language |
C, C++, Java, Python.
C, C++. |
| gptkbp:name |
Improper Validation of Array Index
|
| gptkbp:performed_by |
Always validate input.
Code reviews and pair programming. |
| gptkbp:recognizes |
Static analysis tools.
|
| gptkbp:related_concept |
ISO/ IEC 27001.
Input validation. |
| gptkbp:related_to |
gptkb:CWE-119
gptkb:CWE-131 gptkb:CWE-190 gptkb:CWE-787 gptkb:CWE-125 gptkb:CWE-20 CWE-476 CWE-682 |
| gptkbp:restoration |
Use of assertions.
|
| gptkbp:security_features |
Buffer overflow vulnerabilities.
Ensure proper error handling. Implement input sanitization. Potential for denial of service. Segmentation faults. |
| gptkbp:sustainability_initiatives |
Refactor code to ensure index validation.
|
| gptkbp:treatment |
Implementing checks before accessing arrays.
|