...
Code Block | ||||
---|---|---|---|---|
| ||||
#include <stdio.h>
void func(void) {
int val = 0;
/* ... */
++val;
size_t align = _Alignof(int[val]);
printf("%zu, %d\n", align, val);
/* ... */
} |
...
If expressions that appear to produce side effects are supplied to an operator that does not evaluate its operands, the results may be different than expected. Depending on how this result is used, it can lead to unintended program behavior.
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
EXP44-C | Low | Unlikely | Low | P3 | L3 |
Automated Detection
Tool | Version | Checker | Description | |||||
---|---|---|---|---|---|---|---|---|
Astrée |
| alignof-side-effect |
Fully checked | |||||||||
Axivion Bauhaus Suite |
| CertC-EXP44 | |||||||
Clang |
| -Wunevaluated-expression | Can diagnose some instance of this rule, but not all (such as the _Alignof NCCE). | ||||||
CodeSonar |
| LANG.STRUCT.SE.SIZEOF LANG.STRUCT.SE.CGEN | Side effects in sizeof Side Effects in C Generic Selection | ||||||
Compass/ROSE |
Coverity |
| MISRA C 2004 Rule 12.3 | Partially implemented | ||||||
| CC2.EXP06 | Fully implemented | |||||||
Helix QAC |
| C3307 | |||||||
Klocwork |
| MISRA.SIZEOF.SIDE_EFFECT |
LDRA tool suite |
| 54 S, 653 S | Fully implemented | ||||||
Parasoft C/C++test |
| CERT_C-EXP44-a | Object designated by a volatile lvalue should not be accessed in the operand of the sizeof operator | |||||||
PC-lint Plus |
| 9006 | Partially supported: reports use of sizeof with an expression that would have side effects | ||||||
| Checks for situations when side effects of specified expressions are ignored (rule fully covered) | ||||||||
PVS-Studio |
| V568 |
RuleChecker |
| alignof-side-effect |
Fully checked |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
Key here (explains table format and definitions)
Taxonomy | Taxonomy item | Relationship |
---|---|---|
CERT C | EXP52-CPP. Do not rely on side effects in unevaluated operands | Prior to 2018-01-12: CERT: Unspecified Relationship |
...
...