SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 9

changes.mady.by.user Alex Volkovitsky

Saved on

compared with

New Version 10

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Fixed code math, nblocks is now # of blocks necessary to hold nbytes

...

Code Block
bgColor#FFcccc
#include <stdio.h>
/* ... */
nblocks = 1 + ((nbytes - 1) >> 9);  /* hardBUFSIZ to= modify,512 uses "magic number"= 2^9 */

The programmer's assumption underlying this code is that "everyone knows that BUFSIZ equals 512," and right-shifting nine bits is the same (for positive numbers) as dividing by 512. However, if BUFSIZ changes to 1024 on some systems, modifications are difficult and error-prone.

...

Code Block
bgColor#ccccff
#include <stdio.h>
/* ... */
nblocks = 1 + (nbytes - 1) / BUFSIZ;

Most modern C compilers will optimize this code appropriately.

Risk Assessment

Improper use of macros may result in unexpected arithmetic resultsHardwiring constants renders code potentially nonportable; in fact it will produce unexpected under any circumstances in which the constant changes.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

EXP07-A

1 (low)

1 (unlikely)

2 (medium)

P2

L3

...