SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 35

changes.mady.by.user Aaron Ballman

Saved on

compared with

New Version 36

changes.mady.by.user Aaron Ballman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#FFCCCC
langc
#include <stdio.h>
 
extern void f(int i);
 
void func(int expr) {
  switch (expr) {
    int i = 4;
    f(i);
  case 0:
    i = 17;
    /* Falls through into default code */
  default:
    printf("%d\n"€, i);
  }
  return 0;
}

Implementation Details

When the preceding example is executed on GCC version 4.1.2, the variable i is instantiated with automatic storage duration within the block, but it is not initialized. Consequently, if the controlling expression has a nonzero value, the call to printf() will access an indeterminate value of i. Similarly, the call to f() is not executed.

...

Code Block
bgColor#ccccff
langc
#include <stdio.h>
 
extern void f(int i);
 
int func(int expr) {

  int i = 4;    /* Move the code outside the switch block, */
now  f(i);the statements
     will get executed.  */*
 Now theint statementsi will= get4;
 executed */ f(i);

  switch(expr) {
    case 0:
      i = 17;
      /* Falls through into default code */
    default:
      printf("€œ%d\n"€, i);
  }
  return 0;
}

...

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

MSC35-C

medium

unlikely

medium

P4

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

MISRA C:2012Rule 16.1 (required)

...