...
Providing an expression that appears to produce side effects may be misleading to programmers who are not aware that these expressions are not evaluated. As a result, programmers may make invalid assumptions about program state, leading to errors and possible software vulnerabilities.
...
Noncompliant Code Example
In this non-compliant noncompliant code example, the expression a++ is not evaluated and the side effects in the expression are not executed.
...
Consequently, the value of a after b has been initialized is 14.
Implementation-Specific Details
This example compiles cleanly under Microsoft Visual Studio 2005 Version 8.0, with the /W4 option.
Compliant Solution
In this compliant solution, the variable a is incremented.
| Code Block | ||
|---|---|---|
| ||
int a = 14; int b = sizeof(a); a++; |
Risk Assessment
If expressions that appear to produce side effects are supplied to the sizeof operator, the returned result may be different than expected. Depending on how this result is used, this can lead to unintended program behavior.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXP06-A C | low | unlikely | low | P3 | L3 |
Automated Detection
The LDRA tool suite V 7.6.0 is able to can detect violations of this recommendation.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
| Wiki Markup |
|---|
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.5.3.4, "The sizeof operator" |
...
03. Expressions (EXP) EXP07-A. Do not diminish the benefits of constants by assuming their values in expressions