Claude-skill-registry detecting-arbitrary-read
Detects arbitrary read vulnerabilities by identifying unchecked array indexing and out-of-bounds memory access. Use when analyzing array access patterns, pointer arithmetic, or investigating information disclosure vulnerabilities.
install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/detecting-arbitrary-read" ~/.claude/skills/majiayu000-claude-skill-registry-detecting-arbitrary-read && rm -rf "$T"
manifest:
skills/data/detecting-arbitrary-read/SKILL.mdsource content
Arbitrary Read Detection
Detection Workflow
- Identify read operations: Array accesses, pointer dereferences, format strings, struct member access
- Trace input sources: Use
to trace user-controlled data to read pointsxrefs_to - Check bounds validation: Verify array bounds, pointer arithmetic safety, format string validation
- Assess exploitability: Can attacker control read address? What information can be disclosed?
Key Patterns
- Unchecked array indexing with user-controlled indices
- Format string vulnerabilities with %s, %x
- Dereferencing user-controlled pointers
- Wrong struct member access via type confusion
Output Format
Report with: id, type, severity, confidence, location (function, address, line), read operation, index source, bounds check status, exploitability, attack scenario, potential disclosure, mitigation.
Severity Guidelines
- CRITICAL: Arbitrary read of sensitive data (keys, passwords)
- HIGH: Arbitrary read enabling ASLR bypass
- MEDIUM: Arbitrary read with limited disclosure
- LOW: Minor information disclosure
See Also
- Detailed detection patterns and exploitation scenariospatterns.md
- Example analysis cases and code samplesexamples.md
- CWE references and tool documentationreferences.md