Comment: Changed to JG

...

Noncompliant Code Example (Initialization)

This noncompliant code example might lead a programmer or reviewer to mistakenly believe that both i and j are initialized to 1. In fact, only j is initialized; i remains uninitialized.


int i, j = 1;

Compliant Solution (Initialization)

In this compliant solution, it is readily apparent that both i and j are initialized to 1.


int i = 1;  // purpose of i...
int j = 1;  // purpose of j...

Compliant Solution (Initialization)

In this compliant solution, it is readily apparent that both i and j are initialized to 1.


int i = 1, j = 1;

Declaring each variable on a separate line is the preferred method. However, multiple variables on one line are acceptable when they are trivial temporary variables such as array indexes.

Noncompliant Code Example (Different Types)

In this noncompliant code example, the programmer declares multiple variables, including an array, on the same line. Both T and T[] inherit the methods of the Object class, so code that treats c like the other fields still compiles. However, it is easy to forget that arrays require special treatment when some of these methods are overridden.


public class Example<T> {
  private T a, b, c[], d;

  public Example(T in) {
    a = in;
    b = in;
    c = (T[]) new Object[10];
    d = in;
  }
}

When an Object method, such as toString(), is overridden, a programmer could accidentally provide an implementation for type T that fails to consider that c is an array of T rather than a reference to an object of type T.


public String toString() {
  return a.toString() + b.toString() + c.toString() + d.toString();
}

However, the programmer's intent could have been to invoke toString() on each individual element of the array c.


// Correct functional implementation: c is an array of T, so each element
// is converted individually rather than calling toString() on the array object
public String toString() {
  String s = a.toString() + b.toString();
  for (int i = 0; i < c.length; i++) {
    s += c[i].toString();
  }
  s += d.toString();
  return s;
}
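The two toString() variants above, as an added runnable demonstration that is not part of the CERT page (the class name MixedDeclarationDemo and its method names are made up here). It also shows why Arrays.toString is the safer choice when array slots may still be null.

```java
import java.util.Arrays;

// Added demonstration (not from the CERT page): shows what the one-line
// declaration "T a, b, c[], d" hides, and how the two toString variants
// discussed above actually behave at run time.
public class MixedDeclarationDemo<T> {
  // Same mixed declaration as the noncompliant example: c is a T[], not a T.
  private T a, b, c[], d;

  @SuppressWarnings("unchecked")
  public MixedDeclarationDemo(T in, T[] elements) {
    a = in;
    b = in;
    c = (T[]) new Object[elements.length];
    System.arraycopy(elements, 0, c, 0, elements.length);
    d = in;
  }

  // The slip: Object.toString() on an array yields its type and identity hash,
  // e.g. "[Ljava.lang.Object;@1b6d3586", never the elements.
  public String naiveToString() {
    return a.toString() + b.toString() + c.toString() + d.toString();
  }

  // The intent: one string per element. Arrays.toString also tolerates null
  // slots, which the hand-written loop above would not (it would throw NPE).
  public String elementwiseToString() {
    return a.toString() + b.toString() + Arrays.toString(c) + d.toString();
  }

  // A reviewer can confirm the field's nature mechanically: c is an array.
  public boolean cIsArray() {
    return c.getClass().isArray();
  }

  public static void main(String[] args) {
    // Constructed sample input; the null slot is deliberate.
    MixedDeclarationDemo<String> demo =
        new MixedDeclarationDemo<>("x", new String[] {"p", "q", null});
    System.out.println("naive:       " + demo.naiveToString());
    System.out.println("elementwise: " + demo.elementwiseToString());
    System.out.println("c is array:  " + demo.cIsArray());
  }
}
```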

Compliant Solution (Different Types)

This compliant solution places each declaration on its own line and uses the preferred notation for array declaration.


public class Example<T> {
  private T a;   // purpose of a...
  private T b;   // purpose of b...
  private T[] c; // purpose of c[]...
  private T d;   // purpose of d...

  public Example(T in) {
    a = in;
    b = in;
    c = (T[]) new Object[10];
    d = in;
  }
}

Exceptions

DCL01-EX1: Note that the declaration of a loop counter in a for statement is in violation of this guideline because the declaration is not on its own line with an explanatory comment about the variable's role. However, declaration of loop indices in for statements is not only a common idiom but also provides the benefit of restricting the scope of the loop index to the for loop itself. This is a specific reason to relax this guideline.

Declarations of loop indices should be included within a for statement:


public class Example {
  void function() {
    int mx = 100; // some max value

    for (int i = 0; i < mx; ++i) {
      /* ... */
    }
  }
}

Risk Assessment

Declaration of multiple variables per line can reduce code readability and lead to programmer confusion.

Guideline          Severity  Likelihood  Remediation Cost  Priority  Level
DCL01DCL54-J JG    low       unlikely    low               P3        L3

Related Guidelines

C Secure Coding Standard: DCL04-C. Do not declare more than one variable per declaration

C++ Secure Coding Standard: DCL04-CPP. Do not declare more than one variable per declaration
