...
If two operands
pandqcompare equal,p<=qandp>=qboth yieldtrueandp<qandp>qboth yieldfalse. Otherwise, if a pointerpcompares greater than a pointerq,p>=q,p>q,q<=p, andq<pall yieldtrueandp<=q,p<q,q>=p, andq>pall yieldfalse. Otherwise, the result of each of the operators is unspecified.
| Page properties | ||
|---|---|---|
| ||
The "Thus" statement below is incomplete. What is required to make such a statement is p3, which is a total mess because it doesn't say WHAT should happen when two pointers not of the same container are compared. The assumption is that this is what causes us to fall into the final "otherwise" clause of p4, but I think a core issue may be in order. Once that is resolved, we can update this section accordingly. |
...
Risk Assessment
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
CTR54-CPP | Medium | Probable | No | MediumNo | P8 P4 | L2 L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| invalid_pointer_subtraction invalid_pointer_comparison | |||||||||||
| CodeSonar |
| LANG.STRUCT.CUP | Comparison of Unrelated Pointers | ||||||||||
| Helix QAC |
| C++2668, C++2761, C++2762, C++2763, C++2766, C++2767, C++2768DF2668, DF2761, DF2762, DF2763, DF2766, DF2767, DF2768 | |||||||||||
| LDRA tool suite |
| 70 S, 87 S, 437 S, 438 S | Enhanced Enforcement | ||||||||||
| Parasoft C/C++test |
| CERT_CPP-CTR54-a | Do not compare iterators from different containers | PRQA QA-C++ | |||||||||
| Include Page | PRQA QA-C++_V | PRQA QA-C++_V | |||||||||||
| Polyspace Bug Finder |
| CERT C++: CTR54-CPP | Checks for subtraction or comparison between iterators from different containers (rule partially covered). | 2668, 2761, 2762, 2763, 2766, 2767, 2768 | Enforced by QA-CPP |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...