...
Using an invalid iterator range is similar to allowing a buffer overflow, which can lead to an attacker running arbitrary code.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
CTR53-CPP | High | Probable | High | P6 | L2 |
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Astrée |
| overflow_upon_dereference | |||||||
CodeSonar |
| LANG.MEM.BO | Buffer Overrun | ||||||
Helix QAC |
| C++3802 | |||||||
Parasoft C/C++test |
| CERT_CPP-CTR53-a | Do not use an iterator range that isn't really a range | |||||||
Polyspace Bug Finder |
| CERT C++: CTR53-CPP | Checks for invalid iterator range (rule partially covered). | ||||||
PVS-Studio |
| V539, V662, V789 |
Related Vulnerabilities
In Fun with erase(), Chris Rohlf discusses the exploit potential of a program that calls vector::erase()
with invalid iterator ranges [Rohlf 2009].
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
SEI CERT C++ Coding Standard | CTR51-CPP. Use valid references, pointers, and iterators to reference elements of a container CTR57-CPP. Provide a valid ordering predicate |
Bibliography
[ISO/IEC 14882-2014] | Clause 24, "Iterators Library" |
[Meyers 2001] | Item 32, "Follow Remove-Like Algorithms with erase If You Really Want to Remove Something" |
...
...