...
In the following noncompliant code example, the expression `++n` in the initialization expression of `a` must be evaluated since its value affects the size of the variable length array operand of the `sizeof` operator. However, since the expression `++n % 1` evaluates to `0`, regardless of the value of `n`, its value does not affect the result of the `sizeof` operator, and, thus, it is unspecified whether `n` is incremented or not.
...
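The behavior described above, as an added C example that is not the code from the original page. The struct and function names are hypothetical, and the `+ 1` in the second array size is an assumption that keeps the array length nonzero; the last function moves the side effect out of the `sizeof` operand.

```c
#include <stddef.h>
#include <stdio.h>

/* Size computed by sizeof and the value of n after the expression ran. */
struct probe { size_t size; size_t n_after; };

/* Noncompliant: the array size depends on ++n, so the variable length
 * array operand is evaluated and n is incremented. */
struct probe size_depends_on_n(size_t n) {
    struct probe p;
    p.size = sizeof(int[++n]);
    p.n_after = n;
    return p;
}

/* Noncompliant: ++n % 1 is always 0, so the result is sizeof(int[1]) for
 * every n, and it is unspecified whether ++n is evaluated. The "+ 1" is an
 * assumption of this example to keep the array length nonzero. */
struct probe size_independent_of_n(size_t n) {
    struct probe p;
    p.size = sizeof(int[++n % 1 + 1]);
    p.n_after = n;            /* n or n + 1, depending on the implementation */
    return p;
}

/* Side effect moved into its own statement: n_after is always n + 1. */
struct probe side_effect_hoisted(size_t n) {
    struct probe p;
    ++n;
    p.size = sizeof(int[n % 1 + 1]);
    p.n_after = n;
    return p;
}

int main(void) {
    struct probe a = size_depends_on_n(4);
    struct probe b = size_independent_of_n(4);
    struct probe c = side_effect_hoisted(4);
    printf("depends on n:     size=%zu n=%zu\n", a.size, a.n_after);
    printf("independent of n: size=%zu n=%zu (n is 4 or 5)\n", b.size, b.n_after);
    printf("hoisted:          size=%zu n=%zu\n", c.size, c.n_after);
    return 0;
}
```

Code that later uses `n` as a length or index after the second form can differ by one between implementations, which is why the side effect belongs in its own statement.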
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
EXP06-C | low | unlikely | low | P3 | L3 |
Automated Detection
...
Tool | Version | Checker | Description |
---|---|---|---|
...
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
This rule appears in the C++ Secure Coding Standard as EXP06-CPP. Operands to the sizeof operator should not contain side effects.
Bibliography
[ISO/IEC 9899:1999] Section 6.5.3.4, "The sizeof operator"
...