...
The presence of code that has no effect can indicate logic errors that may result in unexpected behavior and vulnerabilities. Unused values in code may indicate significant logic errors.
Unused classes, methods, and variables that are part of an exported library do not violate this guideline.
Code and values that have no effect can be detected by suitable static analysis.
Automated Detection
| Tool | Version | Checker | Description |
|---|
| Parasoft Jtest |
| CERT.MSC56.CC CERT.MSC56.SWITCH CERT.MSC56.VOVR | Avoid conditions that always evaluate to the same value Avoid switch with unreachable branches Avoid unused values | ||||||
| PVS-Studio |
| V6005, V6021, V6022, V6026, V6039 | |||||||
| SonarQube |
|
|
| S1854 |
Bibliography
| [Coverity 2007] | Coverity Prevent User's Manual (3.3.0) |
| [Fortify 2013] | Code Quality, "Dead Code" |
...
...