A switch block comprises several case labels and an optional but highly recommended default label. By convention, statements that follow each case label end with a break statement, responsible for transferring the control to the end of the switch block. When omitted, the statements in the subsequent case label are executed. Because the break statement is optional, its omission produces no compiler warnings. If this behavior is unintentional, it can cause unexpected control flow.
In this noncompliant code example, the case wherein the card is 11, does not have a break statement. As a result, the statements for card = 12 are also executed.
int card = 11;
switch (card) {
/* ... */
case 11:
System.out.println("Jack");
case 12:
System.out.println("Queen");
break;
case 13:
System.out.println("King");
break;
default:
System.out.println("Invalid Card");
break;
}
|
This compliant solution terminates each case (including the default case) with a break statement.
int card = 11;
switch (card) {
/* ... */
case 11:
System.out.println("Jack");
break;
case 12:
System.out.println("Queen");
break;
case 13:
System.out.println("King");
break;
default:
System.out.println("Invalid Card");
break;
}
|
*MSC14-EX1*: The {{break}} statement at the end of the final case in a {{switch}} statement may be omitted. The {{break}} statement serves to transfer control to the end of the {{switch}} block; fall-through behavior also causes control to arrive at the end of the {{switch}} block. Consequently, control transfers to the statements following the {{switch}} block without regard to the presence or absence of the {{break}} statement. Conventionally, the last label is the {{default}} label. Nevertheless, the final case in a {{switch}} statement should end with a {{break}} statement, in accordance with good programming style (see \[[Rogue 2000|AA. Bibliography#Rogue 00]\]). |
MSC14-EX2: A break statement may be omitted when multiple cases require execution of identical code. Such instances must be explicitly documented. For example:
int card = 11;
int value;
// Cases 11,12,13 fall through to the same case
switch (card) {
// MSC13-J:EX2: these three cases are treated identically
case 11:
case 12:
case 13:
value = 10;
break;
default:
// Handle Error Condition
}
|
MSC14-EX3: When a case ends with a return or throw statement, the break statement may be omitted.
Failure to include break statements may cause unexpected control flow.
Guideline |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
MSC14-J |
medium |
unlikely |
low |
P6 |
L2 |
This guideline appears in the C Secure Coding Standard as MSC17-C. Finish every set of statements associated with a case label with a break statement.
This guideline appears in the C++ Secure Coding Standard as MSC18-CPP. Finish every set of statements associated with a case label with a break statement.
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
\[[JLS 2005|AA. Bibliography#JLS 05]\] [Section 14.11 The switch Statement|http://java.sun.com/docs/books/jls/third_edition/html/statements.html#14.11] \[[Rogue 2000|AA. Bibliography#Rogue 00]\] [The Elements of Java Style|http://www.ambysoft.com/books/elementsJavaStyle.html], Rule 78. |
MSC13-J. Do not modify the underlying collection when an iteration is in progress 49. Miscellaneous (MSC) MSC15-J. Use numerical comparison operators to terminate a loop whose counter changes by more than one