C 缓冲区过读 if (index >= 0 && index < len)

C 缓冲区过读 if (index >= 0 && index < len)   

 CWE - CWE-126: Buffer Over-read (3.2) http://cwe.mitre.org/data/definitions/126.html

CWE - CWE-125: Out-of-bounds Read (3.2) http://cwe.mitre.org/data/definitions/125.html

 

#include <stdio.h>

int main () {

    int n[ 10 ]; /* n is an array of 10 integers */
    int i,j;

    /* initialize elements of array n to 0 */
    for ( i = 0; i < 10; i++ ) {
        n[ i ] = i + 100; /* set element at location i to i + 100 */
    }

    /* output each array element's value */
    for (j = 0; j < 10; j++ ) {
        printf("Element[%d] = %d\n", j, n[j] );
    }
    j=-2;
    printf("Element[%d] = %d\n", j, n[j] );
    n[j]=-20;
    printf("Element[%d] = %d\n", j, n[j] );

    j=30;
    printf("Element[%d] = %d\n", j, n[j] );
    n[j]=-300;
    printf("Element[%d] = %d\n", j, n[j] );

    return 0;
}

 

 

Element[0] = 100
Element[1] = 101
Element[2] = 102
Element[3] = 103
Element[4] = 104
Element[5] = 105
Element[6] = 106
Element[7] = 107
Element[8] = 108
Element[9] = 109
Element[-2] = -2
Element[-20] = 2130567168
Element[30] = 1
Element[30] = -300
请按任意键继续. . .

 

 

TODO 内存泄露和指定下标值的解释