mutated × unstructured — blows up live on input you didn't expect
Off-by-One Index Crash
A counter advanced one step too far indexes past the end of the array.
01 the recipe
In the wild
compound of: ++ / -- & Integer Overflow (CWE-193 Off-by-One) × Index Out of Bounds & Missing Keys (CWE-129)
compound: CWE-125 OOB Read, CWE-787 OOB Write
example.py
# SMELL: a counter advanced one step too far indexes past the end.
# (increment / decrement x index out of bounds)
i = 0
while i <= len(rows):    # <= overshoots by one
    process(rows[i])     # IndexError on the last turn -- only for some sizes
    i += 1

# RIGHT: stop before the length; let the language bound the walk.
for row in rows:         # no hand-rolled index to get wrong
    process(row)

An off-by-one in the loop bound (<= instead of <) pushes the index one past the array. In Python it is an IndexError; in C the same slip is an out-of-bounds read or write. It survives every test whose input length never reached the last step.
// observed
bug: IndexError: list index out of range on the final element
right: every row processed; no manual index to overshoot
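
How the same <= bound can pass a test suite, as an added example that is not code from the original page: a search loop returns early on a hit, so only inputs that drive the scan to its final step raise IndexError. The function names and the sample rows are constructed for illustration.

```python
# Added example (not from the original page). find_first_* / probe and the
# sample rows are hypothetical names and constructed data.

def find_first_buggy(rows, wanted):
    """Return the index of the first row equal to `wanted`, or -1 (has the <= smell)."""
    i = 0
    while i <= len(rows):          # off-by-one: admits i == len(rows)
        if rows[i] == wanted:      # early return hides the bug on a hit
            return i
        i += 1
    return -1                      # never reached: rows[len(rows)] raises first


def find_first_fixed(rows, wanted):
    """Same contract; enumerate() bounds the walk, so the index cannot overshoot."""
    for i, row in enumerate(rows):
        if row == wanted:
            return i
    return -1


def probe(fn, cases):
    """Run fn over (label, rows, wanted) cases; record the result or 'IndexError'."""
    results = {}
    for label, rows, wanted in cases:
        try:
            results[label] = fn(rows, wanted)
        except IndexError:
            results[label] = "IndexError"
    return results


# Constructed inputs: the two "hit" cases are typical happy-path tests;
# the last three force the loop to run to its final step.
CASES = [
    ("hit_first", ["a", "b", "c"], "a"),
    ("hit_last", ["a", "b", "c"], "c"),
    ("miss", ["a", "b", "c"], "z"),
    ("empty", [], "a"),
    ("single_miss", ["a"], "z"),
]

if __name__ == "__main__":
    for fn in (find_first_buggy, find_first_fixed):
        print(fn.__name__, probe(fn, CASES))
```

A suite containing only the two hit cases passes against the buggy version; the miss, empty and single-element cases are the boundary inputs that expose it.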
02 weakness catalog
Mapped weaknesses (CWE)
On its own, this defect is catalogued by MITRE as one or more of these weaknesses. The exploitable vulnerability usually appears only when it chains or combines with another.