...
- Using pointer arithmetic so that the result does not point into or just past the end of the same object
- Using such pointers in arithmetic expressions
- Dereferencing pointers that do not point to a valid object in memory
- Using an array subscript so that the resulting reference does not refer to an element in the array
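The sketch below is an added example, not code from the CERT guideline. It shows a subscript check and a span check written so that no out-of-range pointer is ever formed. The names `elem_at`, `sum_span` and `sample` are hypothetical, and `sum_span` assumes the caller passes `cur` and `end` from the same array.

```c
#include <stddef.h>
#include <stdio.h>

static const int sample[4] = {10, 20, 30, 40};   /* constructed sample input */

/* Hypothetical helper: returns a pointer to table[index], or NULL when the
 * subscript would not refer to an element of the array. */
static const int *elem_at(const int *table, size_t len, size_t index) {
    if (table == NULL || index >= len) {
        return NULL;              /* reject before any pointer is formed */
    }
    return &table[index];
}

/* Hypothetical helper: sums `count` elements starting at `cur`, where `end`
 * is the one-past-the-end pointer of the same array (caller's guarantee).
 * Returns 0 on success, -1 when the request does not fit.
 *
 * The tempting check `cur + count > end` is itself undefined when count is
 * too large, because cur + count is evaluated before the comparison.
 * Compare the integer count against the remaining distance instead. */
static int sum_span(const int *cur, const int *end, size_t count, long *out) {
    if (cur == NULL || end == NULL || out == NULL || cur > end) {
        return -1;
    }
    if (count > (size_t)(end - cur)) {
        return -1;                /* cur + count would pass the end */
    }
    long total = 0;
    for (const int *p = cur; p != cur + count; ++p) {
        total += *p;              /* p always points to a valid element */
    }
    *out = total;
    return 0;
}

int main(void) {
    long total = 0;
    printf("elem_at(4): %s\n", elem_at(sample, 4, 4) ? "ok" : "rejected");
    printf("sum_span(2): %d\n", sum_span(sample + 1, sample + 4, 2, &total));
    printf("total = %ld\n", total);
    printf("sum_span(5): %d\n", sum_span(sample + 1, sample + 4, 5, &total));
    return 0;
}
```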
The C standard [ISO/IEC 9899:2011] identifies the following distinct situations in which undefined behavior (UB) can arise as a result of invalid pointer operations:
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
ISO/IEC 9899:2011 Section 6.7.5.2, "Array declarators"
...