SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 12

changes.mady.by.user Jeffrey Gennari

Saved on

compared with

New Version 13

changes.mady.by.user Jeffrey Gennari

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This example, inspired by Fortify demonstrates how dead code can be introduced into a program. The second conditional statement, if (s) may never evaluate true because it requires that s not be assigned NULL. However, the only path where s can be assigned a non-NULL value ends with a return statement.

Code Block
bgColor#FFCCCC
int func(int condition) {
    int *s = NULL;
    if (condition) {
        s = malloc(10);
        if (s == NULL) {
           /* Handle Error */
        }
        /* insert data into s */
        return 0;
    }
    /* ... */
    if (s) {
        /* This code is never reached */
    }
}

Compliant Solution

Code Block
bgColor#ccccff
/* */

Risk Assessment

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

 

 

 

 

 

 

References