Security Snippet Number 1
Common Weakness Enumerations can be found at https://cwe.mitre.org/data/definitions/699.html

CWE-129: Improper Validation of Array Index
https://cwe.mitre.org/data/definitions/129.html

Description

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

Demonstrative Examples

Example 1: Java language

    public String getValue(int index) {
        // index is used without any bounds check
        return array[index];
    }

This may result in an ArrayIndexOutOfBoundsException being raised if index is outside the range of the array.

Example 2: Java language

    private void buildList(int untrustedListSize) {
        // only a negative size is rejected here
        if (0 > untrustedListSize) {
            die("Negative value supplied for list size, die evil hacker!");
        }
        Widget[] list = new Widget[untrustedListSize];
        list[0] = new Widget();
    }

T...
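The two Java examples above with the index and the list size validated before use, shown as an added example that is not part of the original page. The class name, MAX_LIST_SIZE, the sample array and the use of Object in place of Widget are assumptions made so the code runs on its own.

```java
import java.util.Optional;

// Added example, not from the original page. The class name, MAX_LIST_SIZE
// and the sample data are assumptions made for illustration.
public class BoundsCheckedAccess {
    private static final int MAX_LIST_SIZE = 1_000; // assumed application limit
    private final String[] array = {"alpha", "beta", "gamma"}; // constructed sample data

    // Hardened form of Example 1: check both ends of the range before indexing.
    public Optional<String> getValue(int index) {
        if (index < 0 || index >= array.length) {
            return Optional.empty();
        }
        return Optional.of(array[index]);
    }

    // Hardened form of Example 2: reject negative, zero and oversized values
    // before allocating, so list[0] is always a valid position.
    public static Object[] buildList(int untrustedListSize) {
        if (untrustedListSize < 1 || untrustedListSize > MAX_LIST_SIZE) {
            throw new IllegalArgumentException(
                "list size must be between 1 and " + MAX_LIST_SIZE);
        }
        Object[] list = new Object[untrustedListSize];
        list[0] = new Object(); // stands in for the page's Widget
        return list;
    }

    public static void main(String[] args) {
        BoundsCheckedAccess store = new BoundsCheckedAccess();
        // Constructed inputs: one valid index, then negative, one-past-end, huge.
        for (int index : new int[] {1, -1, 3, Integer.MAX_VALUE}) {
            System.out.println("getValue(" + index + ") -> "
                + store.getValue(index).orElse("<rejected>"));
        }
        // Constructed inputs: one valid size, then zero, negative, huge.
        for (int size : new int[] {2, 0, -5, Integer.MAX_VALUE}) {
            try {
                System.out.println("buildList(" + size + ") -> length "
                    + buildList(size).length);
            } catch (IllegalArgumentException e) {
                System.out.println("buildList(" + size + ") rejected: " + e.getMessage());
            }
        }
    }
}
```

The upper bound on the list size also keeps an attacker-supplied value from driving a very large allocation.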