SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 31

changes.mady.by.user Jill Britton

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

A break statement is not required following the default case because it would not affect the control flow.

Exceptions

MSC17-C-EX1: The last label in a switch statement requires no final break. It will conventionally be the default label.

MSC17-C-EX2: When control flow is intended to cross statement labels, it is permissible to omit the break statement. In these instances, the unusual control flow must be explicitly documentedmade clear, such as by adding the [[fallthrough]] C2x attribute, the __attribute__((__fallthrough__)) GNU extension, or a simple comment.

Code Block
bgColor#CCCCFF
langc
enum WidgetEnum { WE_W, WE_X, WE_Y, WE_Z } widget_type;
widget_type = WE_X;

switch (widget_type) {
  case WE_W:
    /* ... */
    /* No break; fall processthrough caseto forthe WE_X ascase well */
  case WE_X:
    /* ... */
    break;
  case WE_Y: case WE_Z:
    /* ... */
    break;
  default: /* Can't happen */
	 /* Handle error condition */
}

...

Failure to include break statements leads to unexpected control flow.

Recommendation

Severity

Likelihood

Remediation Cost

Detectable

Repairable

Priority

Level

MSC17-C

Medium

Likely

Low

Yes

Yes

P18

L1

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
switch-clause-break
switch-clause-break-continue
switch-clause-break-return		Fully checked
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
LANG.STRUCT.SW.MBMissing break
Compass/ROSE

 

 

 




Coverity

Include Page
Coverity_V
Coverity_V

MISSING_BREAK

Can find instances of missing break statement between cases in switch statement

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.MSC17

Fully implemented

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C2003
Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.SWITCH.WELL_FORMED.BREAK.2012
LDRA tool suite
Include Page
LDRA_V
LDRA_V
62 SFully implemented
PRQA QA-C Include PagePRQA QA-C_vPRQA QA-C_v2003
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
CERT_C-MSC17-aMissing break statement between cases in a switch statement
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

616, 825

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. MSC17-CChecks for missing break of switch case (rec. fully covered)
PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V796
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V
switch-clause-break
switch-clause-break-continue
switch-clause-break-return		Fully checked
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
NonEmptyCaseWithoutBreak
 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++
Secure
Coding StandardVOID MSC18-CPP. Finish every set of statements associated with a case label with a break statement
CERT Oracle Secure Coding Standard for Java
56
MSC52-J. Finish every set of statements associated with a case label with a break statement

...


...

Image Modified Image Modified Image Modified