Section Subclause 6.5.2.5 of the C Standard [ISO/IEC 9899:2011] defines a compound literal as
a postfix A postfix expression that consists of a parenthesized type name followed by a brace-enclosed list of initializers. . . . The value of the compound literal is that of an unnamed object initiated by the initializer list.
...
following initialization, the int pointer ip contains the address of an unnamed object of type int[4], allocated on the stack. Once func returns, any attempts to access this object will produce undefined behavior.
Note that only one object is created per compound literal—even if the compound literal appears in a loop and has dynamic initializers.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdio.h>
typedef struct int_struct {
int x;
} int_struct;
#define MAX_INTS 10
int main(void){
size_t i;
int_struct *ints[MAX_INTS];
for (i = 0; i < MAX_INTS; i++) {
ints[i] = &(int_struct){i};
}
for (i = 0; i < MAX_INTS; i++) {
printf("%d\n", ints[i]->x);
}
return 0;
}
|
However, only one int_struct object is created. At each iteration of the first loop, the x member of this object is set equal to the current value of the loop counter i. Therefore, just before the first loop terminates, the value of the x member is MAX_INTS - 1.
...
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
#include <stdio.h>
typedef struct int_struct {
int x;
} int_struct;
#define MAX_INTS 10
int main(void){
size_t i;
int_struct ints[MAX_INTS];
for (i = 0; i < MAX_INTS; i++) {
ints[i] = (int_struct){i};
}
for (i = 0; i < MAX_INTS; i++) {
printf("%d\n", ints[i].x);
}
return 0;
}
|
Risk Assessment
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
DCL21-C |
Low |
Unlikely |
Medium | P2 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
| Axivion Bauhaus Suite |
| CertC-DCL21 | |||||||
| Helix QAC |
| C1054, C3217 |
Bibliography
...
...