...
This defect results from a failure to consider all possible data states (see MSC01-C. Strive for logical completeness). Once the problem is identified, it can be trivially repaired by accounting for the possibility that number can be equal to 0.

In addition, unless doing so is prohibitive for performance reasons, an advisable defense-in-depth practice is to initialize local variables immediately after declaration (see DCL22-C. Initialize local variables immediately after declaration). While compilers and static analysis tools often detect uses of uninitialized variables when they have access to the source code, diagnosing the problem is difficult or impossible when either the initialization or the use takes place in object code whose source is inaccessible to the tool.
```c
#include <assert.h>
#include <stddef.h>

void set_flag(int number, int *sign_flag) {
  if (sign_flag == NULL) {
    return;
  }
  if (number >= 0) { /* account for number being 0 */
    *sign_flag = 1;
  } else {
    assert(number < 0);
    *sign_flag = -1;
  }
}

int is_negative(int number) {
  int sign = 0; /* initialize as a matter of defense-in-depth */
  set_flag(number, &sign);
  return sign < 0;
}
```
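The following is an added example, not code from the CERT page, that puts the defect described above next to its repair and shows what the defense-in-depth initialization buys. The text says the original set_flag() failed to account for number == 0; the exact shape of that incomplete version (testing only number > 0 and number < 0), the function names set_flag_incomplete/set_flag_complete, the SIGN_UNSET sentinel and the harness functions are all this example's own assumptions. Because the caller initializes its local to a sentinel before the call, reading it afterwards is defined behaviour even when the callee skipped the write, so the missing-state bug becomes a deterministic, checkable condition instead of an indeterminate read.

```c
#include <assert.h>
#include <limits.h>
#include <stddef.h>

/* Hypothetical reconstruction of the defect the page describes: only
 * number > 0 and number < 0 are handled, so for number == 0 the
 * function returns without ever writing *sign_flag. */
void set_flag_incomplete(int number, int *sign_flag) {
  if (sign_flag == NULL) {
    return;
  }
  if (number > 0) {
    *sign_flag = 1;
  } else if (number < 0) {
    *sign_flag = -1;
  }
  /* number == 0 falls through: *sign_flag is left as it was. */
}

/* Repaired version, same logic as the compliant solution above:
 * every value of number reaches exactly one assignment. */
void set_flag_complete(int number, int *sign_flag) {
  if (sign_flag == NULL) {
    return;
  }
  if (number >= 0) {
    *sign_flag = 1;
  } else {
    assert(number < 0);
    *sign_flag = -1;
  }
}

/* Sentinel for "never written"; safe because the setters only ever
 * store 1 or -1. */
#define SIGN_UNSET INT_MIN

/* Calls `setter` with a pre-initialized local and returns the value
 * the local holds afterwards. The initialization is the defense in
 * depth: if the setter skipped the write, we read the sentinel rather
 * than an indeterminate value. */
int sign_after(void (*setter)(int, int *), int number) {
  int sign = SIGN_UNSET; /* never read an uninitialized local */
  setter(number, &sign);
  return sign;
}

/* Returns 1 if the setter actually wrote the flag for `number`. */
int flag_was_set(void (*setter)(int, int *), int number) {
  return sign_after(setter, number) != SIGN_UNSET;
}

/* Exercises a setter over all three sign classes (constructed inputs)
 * and returns how many inputs left the flag unwritten. */
int count_unset(void (*setter)(int, int *)) {
  const int samples[] = { -5, 0, 7 };
  int missed = 0;
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
    if (!flag_was_set(setter, samples[i])) {
      missed++;
    }
  }
  return missed;
}

int main(void) {
  /* The incomplete setter misses exactly one state (number == 0);
   * the complete one misses none. Exit status 0 means both hold. */
  return (count_unset(set_flag_incomplete) == 1 &&
          count_unset(set_flag_complete) == 0) ? 0 : 1;
}
```

The harness is only a test aid; in production code the point is the single line `int sign = 0;` in is_negative(), which guarantees a defined (if possibly wrong) answer even when a callee in separately compiled object code forgets a case.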
...