Wiki Markup while}} or {{for}} statement uses a loop counter, and increments or decrements it by more than one, it should use a numerical comparison operator (that is, {{<}}, {{<=}}, {{>}}, or {{>=}}) to terminate the loop. This prevents the loop from executing indefinitely or until the counter wraps around and reaches the final value (\[[. (See guideline INT00-J. Perform explicit range checking to ensure integer operations do not overflow]\].).
Noncompliant Code Example
...
Testing for exact values to terminate a loop may result in infinite loops and denial of service.
Recommendation Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC15-J | low | unlikely | low | P3 | L3 |
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
This rule guideline appears in the C Secure Coding Standard as guideline MSC21-C. Use inequality to terminate a loop whose counter changes by more than one .
This rule guideline appears in the C++ Secure Coding Standard as guideline MSC21-CPP. Use inequality to terminate a loop whose counter changes by more than one.
...