SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 21

changes.mady.by.user cjohns

Saved on

compared with

New Version 22

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Code that is executed but does not perform any action, or has an unintended effect, most likely results from a coding error and can result in unexpected behavior and vulnerabilities. Statements or expressions that have no effect should be identified and removed from code.

Non-Compliant Code Example

...

(assignment)

In this example, the comparison of a to b has no effect.

...

This is likely a case of the programmer mistakenly using the equals operator == instead of the assignment operator =.

Compliant Solution

...

(assignment)

The assignment of b to a is now properly performed.

Code Block
bgColor#ccccff
int a;
int b;
/* ... */
a = b;

Non-Compliant Code Example

...

(dereference)

In this example, p is incremented and then dereferenced. However, *p has no effect.

Code Block
bgColor#FFCCCC
int *p;
/* ... */
*p++;

Compliant Solution

...

(dereference)

Correcting this example depends on the intent of the programmer. For instance, if dereferencing p was done on accident, then p should not be dereferenced.

...