...
```c
if (a == b) {
  /* ... */
}
```
Risk Assessment
Errors of omission can result in unintended program flow.
| Recommendation | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| EXP15-C | High | Likely | Yes | Yes | P27 | L1 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | empty-body | Fully checked |
| Axivion Bauhaus Suite | | CertC-EXP15 | Fully implemented |
| CodeSonar | | LANG.STRUCT.EBS | Empty branch statement |
| Helix QAC | | C3109 | |
| Klocwork | | SEMICOL | |
| LDRA tool suite | | 11 S, 12 S, 428 S | Fully Implemented |
| Parasoft C/C++test | | CERT_C-EXP15-a | Suspicious use of semicolon |
| PC-lint Plus | | 721, 722 | Partially supported: reports missing body from if, for, or while with semi-colon immediately following predicate |
| Polyspace Bug Finder | | CERT C: Rec. EXP15-C | Checks for semicolon on same line as for, if or while statement (rule fully covered) |
| PVS-Studio | | V529, V715 | |
| SonarQube C/C++ Plugin | | S1116 | |
| RuleChecker | | empty-body | Fully checked |
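
The pattern these checkers describe (a semicolon directly after the predicate of an if, for, or while) can be approximated with a single-line scan. This is an added example, not code from the CERT page or from any tool listed above. The function name `stray_semicolon` and the sample lines are assumptions, and a do-while tail is recognised only when `}` precedes `while` on the same line.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if `line` holds an if/for/while whose predicate is followed
 * directly by ';' (an empty body), else 0. Single-line heuristic: comments,
 * string literals and multi-line predicates are not handled. */
int stray_semicolon(const char *line)
{
    static const char *kw[] = { "if", "for", "while" };
    for (const char *p = line; *p; p++) {
        for (size_t k = 0; k < 3; k++) {
            size_t n = strlen(kw[k]);
            if (strncmp(p, kw[k], n) != 0) continue;
            /* The keyword must not be the tail of a longer identifier. */
            if (p > line && (isalnum((unsigned char)p[-1]) || p[-1] == '_')) continue;
            const char *q = p + n;
            while (isspace((unsigned char)*q)) q++;
            if (*q != '(') continue;
            /* Walk to the matching ')' so the semicolons inside a
             * for (;;) header are not taken for the end of the statement. */
            int depth = 0;
            do {
                if (*q == '(') depth++;
                else if (*q == ')') depth--;
                q++;
            } while (*q && depth > 0);
            if (depth != 0) continue;   /* predicate runs onto the next line */
            while (isspace((unsigned char)*q)) q++;
            if (*q != ';') continue;
            /* "} while (x);" closes a do-while loop and is legitimate. */
            const char *b = p;
            while (b > line && isspace((unsigned char)b[-1])) b--;
            if (k == 2 && b > line && b[-1] == '}') continue;
            return 1;
        }
    }
    return 0;
}

int main(void)
{
    /* Constructed sample lines, not taken from any real code base. */
    const char *s[] = { "if (a == b); {", "if (a == b) {", "} while (n > 0);" };
    for (size_t i = 0; i < 3; i++)
        printf("%d  %s\n", stray_semicolon(s[i]), s[i]);
    return 0;
}
```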
Related Guidelines
| SEI CERT Oracle Coding Standard for Java | MSC51-J. Do not place a semicolon immediately following an if, for, or while condition |
| ISO/IEC TR 24772:2013 | Likely Incorrect Expression [KOA] |
| MITRE CWE | CWE-480, Use of incorrect operator |
Bibliography
| [Hatton 1995] | Section 2.7.2, "Errors of Omission and Addition" |
...
...