SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 101

changes.mady.by.user Astha Singhal

Saved on

compared with

New Version 102

changes.mady.by.user Carol J. Lallier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Do not use the same variable name in two scopes where one scope is contained in another. For example,

  • No other variable should share the name of a global variable if the other variable is in a subscope of the global variable.
  • A block should not declare a variable with the same name as a variable declared in any block that contains it.

...

This noncompliant code example declares the msg identifier at file scope and reuses the same identifier to declare a character array local to the report_error() function. The programmer may unintentionally copy the function argument to the locally declared msg array within the report_error() function. Depending on the programmer's intention, this either fails to initialize the global variable msg, or this allows the local msg buffer to overflow by using the global value msgsize as a bounds for the local buffer.

Code Block
bgColor#FFCCCC
langc

static char msg[100];
static const size_t msgsize = sizeof( msg);

void report_error(const char *str) {
  char msg[80];
  snprintf(msg, msgsize, "Error: %s\n", str);
  /* ... */
}

int main() {
  /* ... */
  report_error("some error");
}

...

Code Block
bgColor#ccccff
langc

static char message[100];
static const size_t message_size = sizeof( message);

void report_error(const char *str) {
  char msg[80];
  snprintf(msg, sizeof( msg), "Error: %s\n", str);
  /* ... */
}

int main() {
  /* ... */
  report_error("some error");
}

When the block is small, the danger of reusing variable names is mitigated by the visibility of the immediate declaration. Even in this case, however, variable name reuse is not desirable. In general, the larger the declarative region of an identifier, the more descriptive and verbose should be the name of the identifier.

...

DCL01-EX1: A function argument in a function declaration may clash with a variable in a containing scope , provided that when the function is defined, the argument has a name that clashes with no variables in any containing scopes.

Code Block
bgColor#ccccff
langc

extern int name;
void f(char *name);   // declaration: no problem here
// ...
void f(char *arg) {   // definition: no problem, arg doesn't hide name
  // use arg
}

...

LDRA tool suite

Compass/ROSE

Klocwork

IF_MULTI_DECL
IF_MULTI_DEF
IF_MULTI_KIND

declhidn

section

Tool

Version

Checker

Description

Section
Include Page
LDRA_V
LDRA_V
section

131 S

section

Fully

Implementedsection

implemented

Splint

Include Page
Splint_V
Splint_V

 

 

Section

 

 

 

Section
Include Page
Klocwork_V
Klocwork_V
Section

 

section

ECLAIR

Include Page
ECLAIR_V
ECLAIR_V
Section

Fully

Implemented

implemented

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

CERT C++ Secure Coding Standard: DCL01-CPP. Do not reuse variable names in subscopes

ISO/IEC 9899:19992011 Section 5.2.4.1, "Translation limits"

...