...
```c
#include <stddef.h>
#include <stdint.h>

void f(size_t begin, size_t step) {
  if (0 < step) {
    size_t i;
    /* Stop before i + step could wrap past SIZE_MAX. */
    for (i = begin; i <= SIZE_MAX - step; i += step) {
      /* ... */
    }
  }
}
```
...
Testing for exact values runs the risk of a loop running much longer than expected or never terminating at all.
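The following added example (not part of the CERT guideline) counts iterations for an exact-value test, an unguarded relational test, and a loop that checks the remaining distance before stepping. The function names and `ITER_CAP` are assumptions made for the demonstration; the cap exists only so that the non-terminating cases return.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed cap so the demo returns even when the loop condition alone
   would keep the loop running. */
#define ITER_CAP 1000u

/* Exact-value test: terminates only if i lands exactly on end. */
size_t count_exact(size_t begin, size_t end, size_t step) {
  size_t n = 0;
  for (size_t i = begin; i != end && n < ITER_CAP; i += step) {
    ++n;
  }
  return n;
}

/* Relational test, but i += step can wrap past SIZE_MAX back below end. */
size_t count_unguarded(size_t begin, size_t end, size_t step) {
  size_t n = 0;
  for (size_t i = begin; i <= end && n < ITER_CAP; i += step) {
    ++n;
  }
  return n;
}

/* Robust: visits begin, begin+step, ... up to and including end, and checks
   the remaining distance before adding, so i never overshoots or wraps. */
size_t count_robust(size_t begin, size_t end, size_t step) {
  size_t n = 0;
  if (step == 0 || begin > end) {
    return 0;
  }
  for (size_t i = begin; ; i += step) {
    ++n;
    if (end - i < step) {
      break;
    }
  }
  return n;
}

int main(void) {
  printf("exact     0..10 step 3: %zu\n", count_exact(0, 10, 3));
  printf("unguarded near SIZE_MAX: %zu\n",
         count_unguarded(SIZE_MAX - 5, SIZE_MAX, 2));
  printf("robust    near SIZE_MAX: %zu\n",
         count_robust(SIZE_MAX - 5, SIZE_MAX, 2));
  return 0;
}
```

A result equal to `ITER_CAP` means the loop condition by itself never became false within the cap.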
| Recommendation | Severity | Likelihood | Detectable | Repairable | Priority | Level |
|---|---|---|---|---|---|---|
| MSC21-C | Low | Unlikely | No | No | P1 | L3 |
Automated Detection
| Tool | Version | Checker | Description |
|---|---|---|---|
| Astrée | | | Supported: Astrée reports potential infinite loops. |
| CodeSonar | | LANG.STRUCT.LOOP.HR | High risk loop |
| Compass/ROSE | | | |
| LDRA tool suite | | 510 S | Partially implemented |
| PC-lint Plus | | 440, 442, 443, | Partially supported |
| Polyspace Bug Finder | | Loop controlled by a value from an unsecure source; Value from an unsecure source changes sign | Checks for loop bounded with tainted value (rec. partially covered) |
| PVS-Studio | | V621 | |
| Security Reviewer - Static Reviewer | | ctuOneDefinitionRuleViolation | Fully implemented |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
...