...
In any case, the behavior of the index operators is unchecked (no exceptions are thrown).
Non-Compliant Code Example
The behavior of this non-compliant example is undefined because the index i used to reference bs may be outside the range of bs, causing a write-out-of-bounds error.
...
This program does not typically raise an exception and may be exploited to overwrite memory at a specified location.
Compliant Solution
This compliant solution uses the basic_string at() method, which behaves in a similar fashion to the index operator[] but throws an out_of_range exception if pos >= size().
...
Non-Compliant Code Example
The behavior of this non-compliant example is undefined because the size() of bs is 8 but the index used to reference bs ranges from 0 through 99.
...
This program does not typically raise an exception and is likely to crash.
Compliant Solution
Use the fill algorithm to assign the value '\0' to every element in the specified range:
...
The range is specified as starting from the beginning of the string and ending at the minimum of the string length and the max_fill constant value of 100.
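The two compliant approaches described above (checked access through at() and a fill bounded by the string length), as an added example that is not the guideline's own code. The names bs and max_fill follow the text; the helper names set_checked and clear_prefix and the initial string contents are assumptions made for illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <iostream>
#include <stdexcept>
#include <string>

// Checked write: at() throws std::out_of_range when pos >= size(),
// whereas bs[i] = c with the same out-of-range i is unchecked.
bool set_checked(std::string& bs, std::size_t i, char c) {
    try {
        bs.at(i) = c;
        return true;
    } catch (const std::out_of_range&) {
        return false;  // index rejected, the string is left unmodified
    }
}

// Bounded clear: assign '\0' over [begin, begin + min(size, max_fill)).
// Returns the number of elements actually overwritten.
std::size_t clear_prefix(std::string& bs, std::size_t max_fill) {
    const std::size_t n = std::min(bs.size(), max_fill);
    std::fill(bs.begin(),
              bs.begin() + static_cast<std::string::difference_type>(n),
              '\0');
    return n;
}

int main() {
    std::string bs("01234567");        // constructed sample, size() == 8
    const std::size_t max_fill = 100;  // constant value named in the text

    std::cout << "write at 3:  " << set_checked(bs, 3, 'X') << '\n';
    std::cout << "write at 8:  " << set_checked(bs, 8, 'X') << '\n';
    std::cout << "write at 99: " << set_checked(bs, 99, 'X') << '\n';
    std::cout << "after writes: " << bs << '\n';

    std::cout << "cleared " << clear_prefix(bs, max_fill)
              << " of " << bs.size() << " elements\n";
    return 0;
}
```

Index 8 is rejected as well as 99, because at() requires pos < size().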
Risk Assessment
Unchecked element access can lead to out-of-bounds reads and writes and write-anywhere exploits. These exploits can in turn lead to the execution of arbitrary code with the permissions of the vulnerable process.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
BSC34 STR39-C | 3 (high) | 3 (likely) | 1 (high) | P9 | L2 |
...