...
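```cpp
#include <iostream>
#include <string>
using namespace std;

int main() {
    string bs("01234567");
    try {
        // at() range-checks every index and throws std::out_of_range
        // as soon as i reaches bs.size(), so no write lands past the end.
        for (int i = 0; i < 100; i++) {
            bs.at(i) = '\0';
        }
    } catch (...) {
        cerr << "Index out of range" << endl;
    }
}
```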
...
Priority: P9 Level: L2
Unchecked element access can lead to out-of-bounds reads and writes and write-anywhere exploits. These exploits can in turn lead to the execution of arbitrary code with the permissions of the vulnerable process.
Component | Value |
---|---|
Severity | 3 (high) |
Likelihood | 3 (likely) |
Remediation cost | 1 (high) |
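As an added example (not part of the original rule text), the following applies the same `at()` check to indices that arrive as signed values from untrusted input, including a negative one. `checked_store` and `apply_writes` are hypothetical helper names, and the index list is constructed sample data.

```cpp
#include <cstddef>
#include <iostream>
#include <stdexcept>
#include <string>

// Hypothetical helper: store `value` at `index`, where `index` is a signed
// value taken from untrusted input. Returns true only if the write happened.
bool checked_store(std::string& s, long index, char value) {
    try {
        // A negative index converts to a very large size_type, so at()
        // rejects it exactly as it rejects an index past the end.
        s.at(static_cast<std::string::size_type>(index)) = value;
        return true;
    } catch (const std::out_of_range&) {
        return false;  // the string is left unmodified
    }
}

// Hypothetical helper: apply a batch of writes and count the rejected ones,
// so the caller can log or fail closed instead of corrupting memory.
std::size_t apply_writes(std::string& s, const long* indices,
                         std::size_t n, char value) {
    std::size_t rejected = 0;
    for (std::size_t i = 0; i < n; ++i) {
        if (!checked_store(s, indices[i], value)) {
            ++rejected;
        }
    }
    return rejected;
}

int main() {
    std::string bs("01234567");
    // Constructed sample input: two valid indices, one equal to size(),
    // one far past the end, and one negative.
    const long indices[] = {0, 7, 8, 100, -1};
    std::size_t rejected = apply_writes(bs, indices, 5, 'X');
    std::cout << bs << " rejected=" << rejected << std::endl;
    return 0;
}
```

With `operator[]` in place of `at()`, the last three writes would be unchecked accesses outside the string's storage.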
References
- Seacord 05 Chapter 2 Strings
- ISO/IEC 14882-2003 Section 21.3.4 basic_string element access