<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>
Constructing an array using a size that may be zero can result in the creation of an empty array.
If an empty array is accessed without further checks, an <code>ArrayIndexOutOfBoundsException</code>
is thrown.</p>
<p>
This can happen when a fixed value of zero, or a random value that may be zero, is used as the size
directly.</p>
</overview>
<recommendation>
<p>
The size used in the array initialization should be verified to be greater than zero before being used.
Alternatively, the array access may be placed within a conditional that ensures it is only accessed if
the index is less than the array size.</p>
</recommendation>
<example>
<p>The following program constructs an array with the size specified by some random value:</p>
<sample src="ImproperValidationOfArrayConstructionCodeSpecified.java" />
<p>The first array construction is protected by a condition that checks if the random value is zero
or more. However, if the random value is <code>0</code> then an empty array is created, and any
array access would fail with an <code>ArrayIndexOutOfBoundsException</code>.</p>
<p>The second array construction is protected by a condition that checks if the random value is
greater than zero. The array will therefore never be empty, and the following array
access will not throw an <code>ArrayIndexOutOfBoundsException</code>.</p>
</example>
<references>
<li>Java API Specification: <a href="https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/lang/ArrayIndexOutOfBoundsException.html">ArrayIndexOutOfBoundsException</a>.</li>
</references>
</qhelp>