Page History

If one definition affects another, a relation exists between constants, you should encode the relationship in the definition; do definitions. Do not give two independent definitions. A corollary of this recommendation is not to encode transitory relationships in definitions, because a maintainer may fail to preserve that relationship when modifying the code. As a corollary, do not encode an impermanent or false relationship between constants, because future modifications may result in an incorrect definition for the dependent constant.

Noncompliant Code Example

...

A programmer performing maintenance on this program would need to identify the relationship and modify both definitions accordingly. While Although this sort of error appears relatively benign, it can easily lead to serious security vulnerabilities, such as buffer overflows.

...

The declaration in this compliant solution embodies the relationship between the two definitions.:

enum { IN_STR_LEN=18, OUT_STR_LEN=IN_STR_LEN+2 };

...

In this noncompliant code example, a relationship is established between two constants where none exists.:

enum { ADULT_AGE=18 };

/* misleading,Misleading; relationship established when none exists */
enum { ALCOHOL_AGE=ADULT_AGE+3 };

...

This compliant solution does not assume a relationship when where none exists:

enum { ADULT_AGE=18 };
enum { ALCOHOL_AGE=21 };

Risk Assessment

Failing to properly encode relationships in constant definitions may lead to the introduction of defects during maintenance. These defects could potentially result in vulnerabilities, for example, if the affected constants were used for allocating or accessing memory.

Automated Detection

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

...

...

Image Modified Image Modified Image Modified