SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 97

changes.mady.by.user Will Snavely

Saved on

compared with

New Version 98

changes.mady.by.user Svyatoslav Razmyslov

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Failing to account for all possibilities within a logic statement can lead to a corrupted running state, potentially resulting in unintentional information disclosure or abnormal termination.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

MSC01-C

Medium

Probable

Medium

P8

L2

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

missing-else

switch-default

Partially checked
Compass/ROSE
  


Can detect some violations of this recommendation. In particular, it flags switch statements that do not have a default clause. ROSE should detect "fake switches" as well (that is, a chain of if statements each checking the value of the same variable). These if statements should always end in an else clause, or they should mathematically cover every possibility. For instance, consider the following:

  if (x > 0) {
	  /* ... */
  } else if (x < 0) {
    /* ... */
  } else if (x == 0) {
    /* ... */
  }
GCC
Include Page
GCC_V
GCC_V
 

Can detect some violations of this recommendation when the -Wswitch and -Wswitch-default flags are used

Klocwork
 
Include Page
Klocwork_V
Klocwork_V
CWARN.EMPTY.LABEL 
LA_UNUSED
MISRA.IF.NO_ELSE
MISRA.SWITCH.WELL_FORMED.DEFAULT.2012
INFINITE_LOOP.GLOBAL
INFINITE_LOOP.LOCAL
INFINITE_LOOP.MACRO
 

LDRA tool suite
Include Page
LDRA_V
LDRA_V
48 S, 59 SFully implemented
Parasoft C/C++test
Include Page
c:
Parasoft_V
c:
Parasoft_V
MISRA2012-RULE-15_7, MISRA2004-15_3
 

Polyspace Bug FinderR2016a

Dead code

Missing case for switch condition

Unreachable code

Code does not execute

Default case is missing and may be reached

Code following control-flow statements

PRQA QA-C
Include Page
PRQA QA-C_v
PRQA QA-C_v

0597
1460
1470
1472

2000
2002
2004

Fully implemented
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V

missing-else

switch-default

Partially checked
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V

ElseIfWithoutElse, SwitchWithoutDefault

 

PVS-Studio3.62.1V517

The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence.

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID MSC01-CPP. Strive for logical completeness
ISO/IEC TS 17961Use of an implied default in a switch statement [swtchdflt]
ISO/IEC TR 24772Switch Statements and Static Analysis [CLL]

Bibliography

[Hatton 1995]Section 2.7.2, "Errors of Omission and Addition"
[Viega 2005]Section 5.2.17, "Failure to Account for Default Case in Switch"
[Zadegan 2009]"A Lesson on Infinite Loops"

...


...