I don’t understand why for the following C code I’m getting the “Out of bound memory access (access exceeds upper limit of memory block)”.
```c
unsigned int i;
for (i = 0; i < 511; i = i + 1)
    some_list->data[i+511] = ((int_number * 512) + (i + 1));
```
*data* field is **int data**
I’m using SonarQube Enterprise Edition Version 9.2.1.
I’d appreciate any comments on that…
I’m not totally sure what you don’t understand here:
- data is an array of size 1 (this sounds suspect, I’ll come back to this later)
- You are accessing elements of the array with indices i+511, which means for instance that for the first iteration of the loop, you are accessing element 511, which does not exist.
- This is an out of memory access, you might be corrupting some memory.
Is this a serious issue? Maybe, but maybe not. Theoretically, yes, it is very serious. But in practice, especially in C, some people declare an array of size 1, and then allocate more memory for the data. If this pattern is used, maybe the array should be considered as if its size was larger than 1, but this is not a situation that we detect, and we report that according to the type declaration, you are overwriting the buffer.
We already have a ticket to provide more accurate support for this kind of situation. Meanwhile, you might want to manually assess that the actual size of this buffer is large enough to support the data accesses (at least 1022 elements).
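The manual size check suggested in the answer above can be made explicit in code. This is an added example, not part of the original thread: the struct layout, the `capacity` field, the function names and the type of `int_number` are assumptions, and it replaces the size-1 array with a C99 flexible array member so the declared type no longer states a one-element bound.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical type: the thread never shows the real declaration. */
struct int_list {
    size_t capacity;   /* number of ints actually allocated for data */
    int data[];        /* flexible array member instead of data[1] */
};

/* Allocate header plus n elements in one block, rejecting size overflow. */
struct int_list *int_list_new(size_t n)
{
    if (n > (SIZE_MAX - sizeof(struct int_list)) / sizeof(int))
        return NULL;
    struct int_list *l = malloc(sizeof *l + n * sizeof(int));
    if (l != NULL)
        l->capacity = n;
    return l;
}

/* The loop from the question writes data[511] .. data[1021], so it needs
 * at least 1022 elements. Returns 0 on success, -1 if the buffer is
 * missing or too small (nothing is written in that case). */
int fill_second_half(struct int_list *l, unsigned int int_number)
{
    if (l == NULL || l->capacity < 511 + 511)
        return -1;
    for (unsigned int i = 0; i < 511; i = i + 1)
        l->data[i + 511] = (int)((int_number * 512) + (i + 1));
    return 0;
}

int main(void)
{
    struct int_list *ok = int_list_new(1022);   /* large enough */
    struct int_list *small = int_list_new(1);   /* what data[1] declares */
    printf("1022 elements: %d\n", fill_second_half(ok, 3));
    printf("1 element:     %d\n", fill_second_half(small, 3));
    free(ok);
    free(small);
    return 0;
}
```

Storing the allocated element count next to the buffer turns the "is it really at least 1022 elements?" review question into a runtime check.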
Hello JolyLoic,
Thank you very much for the answer and sorry for not being detailed enough while raising the question. Indeed this is the case where an array is declared of size 1 and then the memory is being allocated to handle a big enough amount of data.
So clearly it is a false positive.
So you are indeed in the situation for which the ticket was created. I’ve added this post to the ticket. Thank you for reporting it.