Every declaration should be for a single variable, on its own line, with an explanatory comment about the role of the variable. Declaring multiple variables in a single statement can declaration could cause confusion regarding about the types of the variables and their initial values. If more than one variable is declared in a declaration, care must be taken to ensure that the type and initialized value of the variable is self evident.
Noncompliant Code Example
Wiki Markup |
---|
In this noncompliant code example, a programmer or code reviewer might mistakenly conceive that the two variables {{src}} and {{c}} are declared as {{int}}. In fact, {{src}} is of type {{int\[\]}}, while {{c}} has a type of {{int}}. |
Code Block | ||
---|---|---|
| ||
int src[], c;
|
Another fallout of this example is that it declares the array in a largely antiquated and unpopular style, with the brackets appearing after the variable name as in type name[]
. In practice, arrays are typically declared as type[] name
.
Compliant Solution
In this compliant solution, each variable is declared on a separate line. It also uses the preferable style for declaring arrays.
Code Block | ||
---|---|---|
| ||
int[] src; /* source array */
int c; /* max value */
|
Although this change has no effect on compilation, the programmer's intent is clearer.
Noncompliant Example
In particular, do not declare any of the following in a single declaration:
- Variables of different types
- A mixture of initialized and uninitialized variables
In general, you should declare each variable on its own line with an explanatory comment regarding its role. While not required for conformance with this guideline, this practice is also recommended in the Code Conventions for the Java Programming Language, §6.1, "Number Per Line" [Conventions 2009].
This guideline applies to
- Local variable declaration statements [JLS 2013, §14.4]
- Field declarations [JLS 2013, §8.3]
- Field (constant) declarations [JLS 2013, §9.3]
Noncompliant Code Example (Initialization)
This noncompliant code example might lead a programmer or reviewer to In this noncompliant example, a programmer or code reviewer might mistakenly believe that both i
and j
are initialized to 1. In fact, only j
is initialized, while i
remains uninitialized.:
Code Block | ||
---|---|---|
| ||
int i, j = 1;
|
Compliant Solution (Initialization)
In this compliant solution, it is readily apparent that both i
and j
are initialized to 1.:
Code Block | ||
---|---|---|
| ||
int i = 1; // Purpose of i... int j = 1; |
...
// Purpose of j...
|
Compliant Solution (Initialization)
In this compliant solution, it is readily apparent that both i
and j
are initialized to 1:
Code Block | ||
---|---|---|
| ||
int i = 1, j = 1;
|
Declaring each variable on a separate line is the preferred method. However, multiple variables on one line are acceptable when they are trivial temporary variables such as array indices.
Noncompliant Code Example (Different Types)
In this noncompliant code example, the programmer declared declares multiple variables, including an array, on the same line. All instances of the type T
have access to methods of the Object
class Object
. However, it is easy to miss forget that arrays need require special treatment when some of these methods are overridden. Oversights of this genre typically go undetected by compilers and IDEs, alike.
Code Block | ||
---|---|---|
| ||
public class ExampleExample<T> { private T a, b, c[], d; public Example(T in) { a = in; b = in; c = (T[]) new Object[10]; d = in; } } |
As a result, when a method of Object
like When an Object
method, such as toString()
, is overridden, a programmer might could accidentally provide a general an implementation for type T
without realizing that fails to consider that c
is an array of T
rather than a reference to an object of type T
.
Code Block |
---|
// The oversight error leads to an incorrect implementation public String toString() { return a.toString() + b.toString() + c.toString() + d.toString(); } |
However, the real programmer's intent might could have been to invoke toString()
on each individual member element of the type T
, in array c
.
Code Block |
---|
// Correct functional implementation public String toString(){ String s = a.toString() + b.toString(); for (int i = 0; i < c.length; i++){ s += c[i].toString(); } s += d.toString(); return s; } |
Compliant Solution
...
(Different Types)
This compliant solution places each declaration on its own line and uses the preferred notation for array declaration:To be compliant, move each declaration to a different line. Furthermore, declare arrays by placing the brackets adjacent to the type, as opposed to using the postfix notation.
Code Block | ||
---|---|---|
| ||
public class ExampleExample<T> { private T a; // Purpose of a... private T b; // Purpose of b... private T[] c; // Purpose of c[]... private T d; // Purpose of d... public Example(T in){ a = in; b = in; c = (T[]) new Object[10]; d = in; } } |
Exceptions
Applicability
Declaration of multiple variables per line can reduce code readability and lead to programmer confusion.
When more than one variable is declared in a single declaration, ensure that both the type and the initial value of each variable are self-evident.
Declarations of loop indices should DCL04-01: Trivial declarations for loop counters, for example, can reasonably be included within a for
statement even when this results in variable declarations that lack a comment about the purpose of the variable:
Code Block | ||
---|---|---|
| ||
public class Example { void function() { int mx = 100; // Some max value for (int i = 0; i < mx; ++i ) { /* ... */ } } } |
Risk Assessment
Failing to declare no more than one variable per declaration can affect code readability and cause misinterpretations.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
DCL04- J | low | unlikely | low | P3 | L3 |
Other Languages
This rule appears in the C Secure Coding Standard as DCL04-C. Do not declare more than one variable per declaration.
This rule appears in the C++ Secure Coding Standard as DCL04-CPP. Do not declare more than one variable per declaration.
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
Wiki Markup |
---|
\[[JLS 05|AA. Java References#JLS 05]\] Section 6.1, "Declarations", Section 4.3.2, "The class Object"
\[[ESA 05|AA. Java References#ESA 05]\] Rule 9: Put single variable definitions in separate lines.
\[[Conventions 09|AA. Java References#Conventions 09]\] 6.1 Number Per Line |
Such declarations are not required to be in a separate line, and the explanatory comment may be omitted.
Automated Detection
Tool | Version | Checker | Description | ||||||
---|---|---|---|---|---|---|---|---|---|
Parasoft Jtest |
| CERT.DCL52.MVOS | Do not declare multiple variables in one statement | ||||||
SonarQube |
| S1659 |
Bibliography
§6.1, "Number Per Line" | |
[ESA 2005] | Rule 9, Put Single Variable Definitions in Separate Lines |
[JLS 2013] | §4.3.2, "The |
...
DCL03-J. Use meaningful symbolic constants to represent literal values in program logic 02. Declarations and Initialization (DCL) DCL05-J. Properly encode relationships in constant definitions