...
```java
private final int BUFSIZE = 512;

// ...

public void exampleFunction(int nbytes) {
  int nblocks = 1 + (nbytes - 1) / BUFSIZE;
  // ...
}
```
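The following added example (not part of the guideline's own listings) shows how a repeated literal drifts out of sync during maintenance, using the `BUFSIZE` block-count formula from the code above. The class name `BlockSizeDrift`, the helper `split`, the edit from 512 to 1024, and the 3000-byte payload are assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class BlockSizeDrift {
    // Single source of truth for the block size.
    private static final int BUFSIZE = 1024; // assumed: raised from 512 during maintenance

    // Literal version after the same maintenance edit: the copy size was
    // updated to 1024 elsewhere, but this divisor still carries the old 512.
    static int blocksWithLiterals(int nbytes) {
        return 1 + (nbytes - 1) / 512;
    }

    // Symbolic version: changing BUFSIZE updates the divisor automatically.
    static int blocksWithConstant(int nbytes) {
        return 1 + (nbytes - 1) / BUFSIZE;
    }

    // Cut data into nblocks pieces of at most BUFSIZE bytes each.
    static List<byte[]> split(byte[] data, int nblocks) {
        List<byte[]> blocks = new ArrayList<>();
        for (int i = 0; i < nblocks; i++) {
            int from = i * BUFSIZE;
            int to = Math.min(from + BUFSIZE, data.length);
            blocks.add(Arrays.copyOfRange(data, from, to)); // throws if from > to
        }
        return blocks;
    }

    public static void main(String[] args) {
        byte[] data = new byte[3000]; // constructed sample payload

        int good = blocksWithConstant(data.length);
        System.out.println("constant: " + good + " blocks, split ok: "
                + (split(data, good).size() == good));

        int stale = blocksWithLiterals(data.length);
        try {
            split(data, stale);
            System.out.println("literals: " + stale + " blocks, split ok");
        } catch (RuntimeException e) {
            // The stale divisor asks for blocks that start past the end of the data.
            System.out.println("literals: " + stale + " blocks, split failed: " + e);
        }
    }
}
```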
Applicability
Using numeric literals makes code more difficult to read, understand, and edit.
Exceptions
DCL56-EX1: The use of symbolic constants should be restricted to cases in which they improve the readability and maintainability of the code. When the intent of the literal is obvious, or where the literal is not likely to change, using symbolic constants can impair code readability. The following code example obscures the meaning of the code by using too many symbolic constants.
...
The values `4.0` and `3.0` in the volume calculation are clearly scaling factors used to calculate the sphere's volume and are not subject to change (unlike the approximate value for π), so they can be represented exactly. There is no reason to change them to increase precision because replacing them with symbolic constants actually impairs the readability of the code.
Risk Assessment
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DCL56-JG | low | unlikely | high | P1 | L3 |
Related Guidelines
C Secure Coding Standard: DCL06-C. Use meaningful symbolic constants to represent literal values
C++ Secure Coding Standard: DCL06-CPP. Use meaningful symbolic constants to represent literal values in program logic
Bibliography
...