...
The behavior of this non-compliant example is undefined becuase because the size() of bs is 8 but the index used to reference bs ranges from 0 through 99.
| Code Block |
|---|
string bs("01234567");
for (int i=0; i<100; i++) {
bs[i] = '\0'';
}
|
This program does not typically raise an exception and is likely to crash.
...
| Wiki Markup |
|---|
The following compliant solution uses the {{basic_string at()}} method which behaves in a similar fashion to the index {{operator\[\]}} but throws an {{out_of_range}} exception if {{pos >= size()}}. |
| Code Block |
|---|
string bs("01234567");
try {
for (int i=0; i<100; i++) {
bs.at(i) = '\0';
}
}
catch (...) {
cerr << "Index out of range" << endl;
}
|
...
Unchecked element access can lead to out-of-bounds read reads and writes and write-anywhere exploits. These exploits can in turn lead to the execution of arbitrary code with the permissions of the vulnerable process.
...