Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM Cost Reform

...

Code Block
bgColor#ccccff
langc
int value;

if (scanf("%d", &value) == 1) {
  if (value % 2 != 0) {
    /* Take action if value is odd */
  }
}

Compliant Solution

Using bitwise operators is safe on unsigned integers:

Code Block
bgColor#ccccff
languagec
unsigned int value;

if (scanf("%u", &value) == 1) {
  if (value & 0x1 != 0) {
    /* Take action if value is odd */
  }
}

Risk Assessment

Incorrect assumptions about integer representation can lead to execution of unintended code branches and other unexpected behavior.

Recommendation

Severity

Likelihood

Remediation Cost

Detectable

Repairable

Priority

Level

INT16-C

Medium

Unlikely

No

High

No

P2

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
bitop-type
Partially checked
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C2940, C2945 

DF2941, DF2942, DF2943, DF2946, DF2947, DF2948


LDRA tool suite
Include Page
LDRA_V
LDRA_V
50 S, 120 SPartially Implemented
Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
MISRA2008-5_0_21 PRQA QA-C Include PagePRQA QA-C_vPRQA QA-C_v

2940, 2941, 2942, 2943, 2945, 2946, 2947, 2948

 

...

CERT_C-INT16-a
CERT_C-INT16-b
Bitwise operators shall only be applied to operands of unsigned underlying type (with exceptions)
Bitwise operators shall not use positive integer literals as operands
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

502, 2704, 9088

Partially supported: reports bitwise not of signed quantity, declaration of named signed single-bit bitfields, and negation of the minimum negative integer

RuleChecker

Include Page
RuleChecker_V
RuleChecker_V

bitop-type
Partially checked


...