SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 53

changes.mady.by.user Carol J. Lallier

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ffcccc
langc
int login;

if (invalid_login())
  login = 0;
else
  printf("Login is valid\n");  /* Debugging line added here */
  login = 1;                   /* This line always gets executed
                               /* regardless of a valid login! */

...

Code Block
bgColor#CCCCFF
langc
int privileges;

if (invalid_login()) {
  if (allow_guests()) {
    privileges = GUEST;
  } 
} else {
  privileges = ADMINISTRATOR;
}

Noncompliant Code Example (empty block)

This noncompliant code example has a while statement with no block:

Code Block
bgColor#ffcccc
langc
while (invalid_login());

Note that if invalid_login() has no side effects (such as warning the user if their login failed), this code also violates MSC12-C. Detect and remove code that has no effect or is never executed.

Compliant Solution (empty block)

This compliant solution features an explicit empty block, which clarifies the developer's intent:

Code Block
bgColor#CCCCFF
langc
while (invalid_login()) {}

Risk Assessment

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

EXP19-C

Medium

Probable

Medium

P8

L2

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

compound-ifelse

compound-loop

Fully checked
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-EXP19Fully implemented
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C2212
Klocwork
Include Page
Klocwork_V
Klocwork_V
MISRA.IF.NO_COMPOUND
MISRA.STMT.NO_COMPOUND
LDRA tool suite
Include Page
LDRA_V
LDRA_V
11 S,  12 S, 428 SFully Implemented
Parasoft C/C++test
Include Page
Parasoft_V
Parasoft_V
CERT_C-EXP19-a

The statement forming the body of a 'switch', 'while', 'do...while' or 'for' statement shall be a compound statement

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

9012

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. EXP19-C

Checks for iteration or selection statement body not enclosed in braces (rec. fully covered)

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V563, V628, V640, V705
RuleChecker
Include Page
RuleChecker_V
RuleChecker_V

compound-ifelse

compound-loop

Fully checked
SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S121

Related Vulnerabilities

CVE-2014-1266 was due, in large part, to failing to follow this recommendation. There is a spurious "goto fail" statement on line 631 of sslKeyExchange.c. This "goto" gets executed unconditionally, even though it is indented as if it were part of the preceding "if" statement.  As a result, the call to sslRawVerify (which performs the actual signature verification) is rendered dead code.  [ImperialViolet 2014]. If the body of the "if" statement had been enclosed in braces, then this defect likely would not have happened.

Related Guidelines

MISRA C:2012Rule 15.6 (required)

 Bibliography

[GNU 2010]Coding Standards, Section 5.3, "Clean Use of C Constructs"

...


...

Image Modified Image Modified Image Modified