...
Noncompliant Code Example
This noncompliant code example demonstrates how dead code can be introduced into a program [Fortify 2006]. The second conditional statement, `if (s)`, will never evaluate true because it requires that `s` not be assigned `NULL`, and the only path where `s` can be assigned a non-`NULL` value ends with a return statement.
```c
#include <stdlib.h>

int func(int condition) {
    char *s = NULL;
    if (condition) {
        s = (char *)malloc(10);
        if (s == NULL) {
            /* Handle Error */
        }
        /* Process s */
        return 0;   /* Only path on which s is non-NULL ends here */
    }
    /* ... */
    if (s) {
        /* This code is never reached */
    }
    return 0;
}
```
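For contrast, here is one way to restructure the function so the `if (s)` block becomes reachable. This is an added example, not the standard's own compliant solution; the name `func_compliant`, the `used_buffer` out-parameter, the `-1` error return, and the `memset` stand-in for processing are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical rework of func(). Returns 0 on success and -1 if the
 * allocation fails. used_buffer (an added out-parameter) records whether
 * the block guarded by `if (s)` actually executed.
 */
int func_compliant(int condition, int *used_buffer) {
    char *s = NULL;
    *used_buffer = 0;

    if (condition) {
        s = (char *)malloc(10);
        if (s == NULL) {
            /* Handle error: nothing was allocated, so nothing to release */
            return -1;
        }
        /* Process s (constructed stand-in for the real work) */
        memset(s, 0, 10);
        /* No early return: control falls through with s non-NULL */
    }

    /* ... */

    if (s) {
        /* Reachable whenever condition was true and malloc succeeded */
        *used_buffer = 1;
        free(s);
    }
    return 0;
}
```

Removing the early return also gives the allocation a single release point, so the formerly dead block now does the cleanup the original path skipped.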
...
Tool | Version | Checker | Description |
---|---|---|---|
| | | | Fully Implemented |
| | | | Can detect violations of this recommendation when the `-Wunreachable-code` flag is used |
| | | | Can detect violations of this recommendation when the `-Wunreachable-code` flag is used |
| | | `LV_UNUSED.GEN` `VA_UNUSED.*` `UNREACH.*` | |
| | | | Can detect the specific instance where code can never be reached because of a logical contradiction or a dead `default` in a `switch` statement |
| | | | Can detect the instances where a code block is unreachable because of the syntactic structure of the code |
...
MITRE CWE: CWE-561, "Dead Code"
Bibliography
...
[Fortify 2006] Code Quality, "Dead Code"
...