SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 94

changes.mady.by.user Will Snavely

Saved on

compared with

New Version Current

changes.mady.by.user Jill Britton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
langc
int *p1 = foo();

/* Removable if bar() does not produce any side effects */
(void)bar();

/* Removable if baz() does not produce any side effects */
(void)baz();
return p1;

Exceptions

Anchor
MSC13-EX1
MSC13-EX1
MSC13-EX1: Initializing a variable with a default value, such as 0, which gets subsequently overwritten may be inefficient, but is less of a problem than reading an uninitialized value, as per EXP33-C. Do not read uninitialized memory.

Risk Assessment

Unused values may indicate significant logic errors.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

MSC13-C

Low

Unlikely

Medium

P2

L3

Automated Detection

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V
 

Supported, but no explicit checker
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

LANG.STRUCT.UUVAL

Unused value

Coverity

Include Page
Coverity_V
Coverity_V

UNUSED_VALUE

Finds variables that are assigned pointer values returned from a function call but never used

Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C1500, C1502, C3203, C3205, C3206, C3207, C3229

DF2980, DF2981, DF2982, DF2983, DF2984, DF2985, DF2986


Klocwork
Include Page
Klocwork_V
Klocwork_V

LV_UNUSED.GEN
VA_UNUSED.GEN
VA_UNUSED.INIT

 


LDRA tool suite
Include Page
LDRA_V
LDRA_V

1 D, 8 D, 105 D, 94 D, 15 D

Fully implemented

Parasoft C/C++test
9.5MISRA2008-0_1_3_bFully implementedPolyspace Bug FinderR2016a
Include Page
Parasoft_V
Parasoft_V

CERT_C-MSC13-a

Avoid unnecessary local variables
PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

438, 505, 529, 715, 838

Partially supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. MSC13-C


Checks for:

  • Unused parameter
  • Write without a further read

Function prototype has parameters not read or written in function body

Variable never read after assignment

PRQA QA-C Include PagePRQA QA-C_vPRQA QA-C_v

1500, 1502, 3203, 3205, 3206, 3207, 3229, 3196, 2980, 2981, 2982, 2983, 2984, 2985, 2986

Rec. partially covered.

PVS-Studio

Include Page
PVS-Studio_V
PVS-Studio_V

V519, V596, V603, V714, V744, V751, V763, V1001, V5003
Fully implemented

SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S1854
 

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

SEI CERT C++ Coding StandardVOID MSC13-CPP. Detect and remove unused values
ISO/IEC TR 24772Likely Incorrect Expressions [KOA]
Dead and Deactivated Code [XYQ]
Unused Variable [XYR]

Bibliography

[Coverity 2007]

...


...