Variables and functions should be declared in the minimum scope from which all references to the identifier are still possible.
When a larger scope than necessary is used, code becomes less readable, harder to maintain, and more likely to reference unintended variables. (See DCL01-C. Do not reuse variable names in subscopes.)
Noncompliant Code Example
In this noncompliant code example, the function counter() increments the global variable count and then returns immediately if this variable exceeds a maximum value.
unsigned int count = 0;
void counter() {
if (count++ > MAX_COUNT) return;
/* ... */
}
Assuming that the variable count is only accessed from this function, this example is noncompliant because it does not define count within the minimum possible scope.
Compliant Solution
In this compliant solution, the variable count is declared within the scope of the counter() function as a static variable. The static modifier, when applied to a local variable (one inside of a function), modifies the lifetime (duration) of the variable so that it persists for as long as the program does and does not disappear between invocations of the function.
void counter() {
static unsigned int count = 0;
if (count++ > MAX_COUNT) return;
/* ... */
}
The keyword static also prevents reinitialization of the variable.
Noncompliant Code Example
The counter variable i is declared outside of the for loop, which goes against this recommendation because it is not declared in the block in which it is used. If this code were reused with another index variable j, but there was a previously declared variable i, the loop could iterate over the wrong variable.
size_t i = 0;
for (i=0; i < 10; i++){
/* Perform operations */
}
Compliant Solution
Complying with this recommendation requires that you declare variables where they are used, which improves readability and reusability. In this example, you would declare the loop's index variable i within the initialization of the for loop. This requirement was recently relaxed in the C Standard.
for (size_t i=0; i < 10; i++) {
/* Perform operations */
}
Risk Assessment
Failure to minimize scope could result in less reliable, readable, and reusable code.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DCL19-C | low | unlikely | medium | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description |
|---|---|---|---|
| 1.2 | filscope | Fully implemented |
Related Guidelines
CERT C++ Secure Coding Standard: DCL07-CPP. Minimize the scope of variables and methods
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
ISO/IEC 9899:2011 Appendix D.1.15, "Declaration in for-loop statement"