Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This compliant solution uses the identifier assigned to the constant value in the expression.:

Code Block
bgColor#ccccff
langc
#include <stdio.h>
/* ... */
nblocks = 1 + (nbytes - 1) / BUFSIZ;

...

Assuming the value of an expression diminishes the maintainability of code and can produce unexpected behavior under any circumstances in which the constant changes.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

EXP07-C

low

Low

unlikely

Unlikely

medium

Medium

P2

L3

Automated Detection

LDRA tool suite

Tool

Version

Checker

Description

Section
Axivion Bauhaus Suite

Include Page

LDRA

Axivion Bauhaus Suite_V

LDRA

Axivion Bauhaus Suite_V

Section

201 S

Section

Fully Implemented

PRQA QA-C Include PagePRQA_VPRQA_V3120

Partially Implemented

 

CertC-EXP07
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C3120, C3121, C3122, C3123, C3131, C3132


LDRA tool suite
Include Page
LDRA_V
LDRA_V
201 S

Fully implemented

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

Bibliography

...

[Plum 1985]Rule 1-5


...

Image Modified Image Modified Image Modified