SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 37

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 38

changes.mady.by.user Arthur Hicken

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: updated parasoft

...

In this example, a bitwise complement of port is first computed and then shifted 4 bits to the right. If both of these operations are performed on an 8-bit unsigned integer, then result_8 will have the value 0x0a. However, port is first promoted to a signed int, with the following results (on a typical architecture where type int is 32 bits wide):

Expression

Type

Value

Notes

port

uint8_t

0x5a

 


~port

int

0xffffffa5

 


~port >> 4

int

0x0ffffffa

Whether or not value is negative is implementation-defined.

result_8

uint8_t

0xfa

 


Compliant Solution

In this compliant solution, the bitwise complement of port is converted back to 8 bits. Consequently, result_8 is assigned the expected value of 0x0aU.

...

Bitwise operations on shorts and chars can produce incorrect data.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

EXP14-C

low

likely

high

P3

L3

Automated Detection

Tool

Version

Checker

Description

CodeSonar
Include Page
CodeSonar_V
CodeSonar_V
LANG.CAST.RIPRisky integer promotion
Compass/ROSE

 

 

 




ECLAIR

Include Page
ECLAIR_V
ECLAIR_V

CC2.EXP14

Fully implemented

Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
MISRA-
043{b} 
043b

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID EXP15-CPP. Beware of integer promotion when performing bitwise operations on chars or shorts
MISRA-CRule 10.5

...


...