C33011

Warning C33011: Unchecked upper bound for enum 'enum' used as index.

This warning is triggered for an enum that is used as an index into an array, if the lower bound is checked for its value, but not the upper bound.

Example

Code that uses enumerated types as indexes for arrays must check the enum value for both lower and upper bounds. If the enum value is checked only for the lower bound before used to index into an array of values or an array of function pointers, then it can allow arbitrary memory to be read, used, or even executed.

typedef void (*PFN)();

enum class Index
{
    Zero,
    One,
    Two,
    Three,
    Max
};

void foo(Index idx, PFN(&functions)[5])
{
    if (idx < Index::Zero)
        return;

    auto pfn = functions[static_cast<int>(idx)];    // C33011
    if (pfn != nullptr)
        (*pfn)();
    // ......
}

These warnings are corrected by checking the index value for upper bound as well:

typedef void (*PFN)();

enum class Index
{
    Zero,
    One,
    Two,
    Three,
    Max
};

void foo(Index idx, PFN(&functions)[5])
{
    if (idx < Index::Zero || idx > Index::Max)
        return;

    auto pfn = functions[static_cast<int>(idx)];    // OK
    if (pfn != nullptr)
        (*pfn)();
    // ......
}

See also

C33010