The C language provides several different kinds of constants: integer constants, such as 10 and 0x1C; floating constants, such as 1.0 and 6.022e+23; and character constants, such as 'a' and '\x10'. C also provides string literals, such as "hello, world" and "\n". These constants can all be referred to as literals.
...
Objects that are const-qualified have scope and can be type-checked by the compiler. Because these they are named objects (unlike macro definitions), some debugging tools can show the name of the object. The object also consumes memory.
...
- size of a bit-field member of a structure.
- size of an array (except in the case of variable length arrays).
- value of an enumeration constant.
- value of a
caseconstant.
If any of these are required, then an integer constant (which would be an rvalue) must be used.
const-qualified objects allow the programmer to take the address of the object.:
| Code Block |
|---|
const int max = 15; int a[max]; /* invalidInvalid declaration outside of a function */ const int *p; /* aA const-qualified object can have its address taken */ p = &max; |
...
| Code Block |
|---|
enum { max = 15 };
int a[max]; /* OK outside function */
const int *p;
p = &max; /* errorError: '&' on enum constant */
|
...
Method | Evaluated At | Consumes Memory | Viewable by Debuggers | Type Checking | Compile-Time Constant Expression |
|---|---|---|---|---|---|
enumerationsEnumerations | compile Compile time | noNo | yesYesyes | Yes | yesYes |
| runtimeRuntime | yesYesyes | Yes | yesYes | noNo |
macrosMacros | preprocessorPreprocessor | noNono | No | noNo | yesYes |
Noncompliant Code Example
The meaning of the integer literal 18 is not clear in this example.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
/* ... */
if (age >= 18) {
/* Take action */
}
else {
/* Take a different action */
}
/* ... */
|
...
This compliant solution replaces the integer literal 18 with the symbolic constant ADULT_AGE to clarify the meaning of the code.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
enum { ADULT_AGE=18 };
/* ... */
if (age >= ADULT_AGE) {
/* Take action */
}
else {
/* Take a different action */
}
/* ... */
|
...
Integer literals are frequently used when referring to array dimensions, as shown in this noncompliant code example.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
char buffer[256]; /* ... */ fgets(buffer, 256, stdin); |
This use of integer literals can easily result in buffer overflows , if, for example, the buffer size is reduced but the integer literal used in the call to fgets() is not.
...
In this noncompliant code example, the string literal "localhost" and integer constant 1234 are embedded directly in program logic and are consequently difficult to change.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
LDAP *ld = ldap_init("localhost", 1234);
if (ld == NULL) {
perror("ldap_init");
return(1);
}
|
...
In this compliant solution, the host name and port number are both defined as object-like macros, so they can be passed as compile-time arguments.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
#ifndef PORTNUMBER /* mightMight be passed on compile line */ # define PORTNUMBER 1234 #endif #ifndef HOSTNAME /* mightMight be passed on compile line */ # define HOSTNAME "localhost" #endif /* ... */ LDAP *ld = ldap_init(HOSTNAME, PORTNUMBER); if (ld == NULL) { perror("ldap_init"); return(1); } |
...
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
Compass/ROSE |
|
| Could detect violations of this recommendation merely by searching for the use of "magic numbers" and magic strings in the code itself. That is, any number (except a few canonical numbers: −1, 0, 1, 2) that appears in the code anywhere besides where assigned to a variable is a magic number and should instead be assigned to a | ||||||
| nomagicc | Fully implemented. | |||||||
| 201 S | Fully implemented. | |||||||
| PRQA QA-C |
| 3120 | Partially implemented. |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...