...

MSC00-EX1: Compilers can produce diagnostic messages for correct code. This is permitted by C99 [ISO/IEC 9899:1999], which allows a compiler to produce a diagnostic for any reason. It is usually preferable to rewrite code to eliminate compiler warnings, but if the code is correct, it is sufficient to provide a comment explaining why the warning message does not apply. Some compilers provide ways to suppress warnings, such as suitably formatted comments or pragmas, which can be used sparingly when the programmer understands the implications of the warning but has good reason to use the flagged construct anyway.
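The two options in MSC00-EX1, shown side by side as an added example (not part of the original guideline). It assumes GCC or Clang with -Wextra, whose `#pragma GCC diagnostic` directives are used here; the callback type, handlers and sample data are hypothetical.

```c
#include <stddef.h>

/* Hypothetical callback type: every handler gets the same three arguments. */
typedef int (*record_fn)(const char *name, int value, void *ctx);
struct record { const char *name; int value; };

/* Call fn on each record; stop and return its result as soon as it is non-zero. */
static int for_each_record(const struct record *r, size_t n, record_fn fn, void *ctx)
{
    for (size_t i = 0; i < n; i++) {
        int rc = fn(r[i].name, r[i].value, ctx);
        if (rc != 0)
            return rc;
    }
    return 0;
}

/* Preferred: rewrite so the warning never fires. The casts mark the
 * parameters as intentionally unused. */
static int reject_negative(const char *name, int value, void *ctx)
{
    (void)name;
    (void)ctx;
    return value < 0 ? -1 : 0;
}

/* MSC00-EX1 style: sum_values must match record_fn but has no use for `name`.
 * The code is correct, so -Wunused-parameter is disabled for this function
 * only; push/pop restores the warning for everything that follows. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wunused-parameter"
static int sum_values(const char *name, int value, void *ctx)
{
    *(long *)ctx += value;
    return 0;
}
#pragma GCC diagnostic pop

/* Constructed sample data. */
static const struct record sample[] = { {"a", 3}, {"b", -4}, {"c", 5} };
#define SAMPLE_LEN (sizeof sample / sizeof sample[0])

long sample_total(void)
{
    long total = 0;
    (void)for_each_record(sample, SAMPLE_LEN, sum_values, &total);
    return total;
}

int sample_check(void) { return for_each_record(sample, SAMPLE_LEN, reject_negative, NULL); }

int main(void) { return (sample_total() == 4 && sample_check() == -1) ? 0 : 1; }
```

Keeping the suppression inside a push/pop pair means a genuinely unused parameter anywhere else in the file is still reported.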

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding Standard: MSC00-CPP. Compile cleanly at high warning levels

...

[ISO/IEC 9899:1999] Section 5.1.1.3, "Diagnostics"

MITRE CWE: CWE-563, "Unused Variable"

MITRE CWE: CWE-570, "Expression is Always False"

MITRE CWE: CWE-571, "Expression is Always True"

Bibliography

[MITRE 2007] CWE ID 563 (http://cwe.mitre.org/data/definitions/563.html), "Unused Variable"; CWE ID 570 (http://cwe.mitre.org/data/definitions/570.html), "Expression is Always False"; CWE ID 571 (http://cwe.mitre.org/data/definitions/571.html), "Expression is Always True"
[Sutter 2005] Item 1
[Seacord 2005a] Chapter 8, "Recommended Practices"

...