...
| Code Block | ||||
|---|---|---|---|---|
| ||||
void f(size_t begin, size_t step) {
if (0 < step) {
intsize_t i;
for (i = begin; i <= INTSIZE_MAX - step; i += step) {
/* ... */
}
}
}
|
| Anchor | ||||
|---|---|---|---|---|
|
Exceptions
MSC21-C-EX1: If the loop counter is incremented by 1 on each iteration, and it is known that the starting value of a loop is less than or equal to the ending value, then an equality operator may be used to terminate the loop. Likewise, if the loop counter is decremented by 1 on each iteration, and it is known that the starting value of the loop is greater than or equal to the ending value, then an equality operator may be used to terminate the loop.
...
Testing for exact values runs the risk of a loop terminating much longer than expected or never terminating at all.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC21-C | Low | Unlikely | Low | P3 | L3 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| Supported: Astrée reports potential infinite loops. | |||||||
| CodeSonar |
| LANG. |
STRUCT.LOOP. |
HR |
UB | High |
risk loop |
unbounded loop |
| Compass/ROSE |
| LDRA tool suite |
| 510 S | Partially implemented | ||||||
| PC-lint Plus |
| 440, 442, 443, | Partially supported | ||||||
| Polyspace Bug Finder |
| Checks for loop bounded with tainted value (rec. partially covered) | |||||||
| PVS-Studio |
| V621 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
| SEI CERT C++ |
| Coding Standard | VOID MSC21-CPP. Use inequality to terminate a loop whose counter changes by more than one |
| CERT Oracle Secure Coding Standard for Java |
...
...