...
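```c
#include <stddef.h>  /* size_t */
#include <stdint.h>  /* SIZE_MAX */

void f(size_t begin, size_t step) {
  if (0 < step) {
    size_t i;
    /* Relational bound: stopping at SIZE_MAX - step keeps i += step from wrapping. */
    for (i = begin; i <= SIZE_MAX - step; i += step) {
      /* ... */
    }
  }
}
```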
...
Testing for exact values runs the risk of a loop running much longer than expected or never terminating at all.
| Recommendation | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| MSC21-C | Low | Unlikely | No | No | P1 | L3 |
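The risk described above, shown as an added example that is not part of the original guideline: an exact-value (`!=`) test is compared with a relational test when `step` does not land on the end value. The function names and the `ITER_CAP` safety limit are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed cap so the demonstration itself always terminates. */
#define ITER_CAP 1000000u

/* Exact-value test: the loop stops only if i lands exactly on end.
 * If step skips over end, i keeps growing (and eventually wraps). */
size_t iters_exact(size_t begin, size_t end, size_t step) {
  size_t n = 0;
  for (size_t i = begin; i != end && n < ITER_CAP; i += step) {
    n++;
  }
  return n; /* equals ITER_CAP when the exact value was never hit */
}

/* Relational test: the loop stops once i reaches or passes end.
 * The inner check mirrors the SIZE_MAX - step guard so that
 * i += step cannot wrap around and re-enter the range. */
size_t iters_relational(size_t begin, size_t end, size_t step) {
  size_t n = 0;
  if (step == 0) {
    return 0; /* a zero step can never make progress */
  }
  for (size_t i = begin; i < end; i += step) {
    n++;
    if (i > SIZE_MAX - step) {
      break; /* next increment would overflow */
    }
  }
  return n;
}

int main(void) {
  /* Constructed inputs: step 3 hits 9 exactly but skips over 10. */
  printf("exact,      end=9:  %zu\n", iters_exact(0, 9, 3));
  printf("exact,      end=10: %zu (cap reached)\n", iters_exact(0, 10, 3));
  printf("relational, end=10: %zu\n", iters_relational(0, 10, 3));
  printf("relational, near SIZE_MAX: %zu\n",
         iters_relational(SIZE_MAX - 1, SIZE_MAX, 4));
  return 0;
}
```
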
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | | Supported: Astrée reports potential infinite loops. |
| CodeSonar | | LANG.STRUCT.LOOP.HR | High risk loop |
| Compass/ROSE | | | |
| LDRA tool suite | | 510 S | Partially implemented |
| PC-lint Plus | | 440, 442, 443, | Partially supported |
| Polyspace Bug Finder | | | Checks for loop bounded with tainted value; Tainted sign change conversion; Loop controlled by a value from an unsecure source; Value from an unsecure source changes sign (rec. partially covered) |
| PVS-Studio | | V621 | |
| Security Reviewer - Static Reviewer | | ctuOneDefinitionRuleViolation | Fully implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...