SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 48

changes.mady.by.user Tracey Tamules

Saved on

compared with

New Version 49

changes.mady.by.user Shannon Haas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following noncompliant code accepts user data without first validating it.

Code Block
bgColor#FFCCCC
langc
float currentBalance; /* User's cash balance */
void doDeposit() {
  float val;

  scanf("%f", &val);

  if(val >= MAX_VALUE - currentBalance) {
    /* Handle range error */
  }

  currentBalance += val;
}

...

The following code first validates the input float before using it. The value is tested to ensure that it is neither an infinity nor a NaN.

Code Block
bgColor#ccccff
langc
float currentBalance; /* User's cash balance */

void doDeposit() {
  float val;

  scanf("%f", &val);
  if (isinf(val)) {
    /* handle infinity error */
  }
  if (isnan(val)) {
    /* handle NaN error */
  }
  if (val >= MAX_VALUE - currentBalance) {
    /*Handle range error*/
  }

  currentBalance += val;
}

...