The definitions of two constant expressions should be related when and only when the values they express are also related.
Noncompliant Code Example
In this noncompliant code example, OUT_STR_LEN must always be exactly two greater than IN_STR_LEN. The definitions fail to reflect this requirement.
public static final int IN_STR_LEN = 18; public static final int OUT_STR_LEN = 12;
Compliant Solution
The relationship between the two values should be represented in the definitions.
public static final int IN_STR_LEN = 18; public static final int OUT_STR_LEN = IN_STR_LEN + 2;
Noncompliant Code Example
In this noncompliant code example, there appears to be an underlying relationship between the two constants, when in fact there is none.
public static final int ADULT_AGE = 18; public static final int ALCOHOL_AGE = ADULT_AGE + 3;
A programmer performing routine maintenance may modify the definition for ADULT_AGE but fail to recognize the resulting change in the definition for ALCOHOL_AGE.
Compliant Solution
The definitions should reflect the independence of the two constants.
public static final int ADULT_AGE = 18; public static final int ALCOHOL_AGE = 21;
Risk Assessment
Failure to properly encode relationships in constant declarations can lead to unexpected values and can complicate maintenance.
Guideline |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
|---|---|---|---|---|---|
DCL03-J |
low |
unlikely |
high |
P1 |
L3 |
Related Guidelines
C Secure Coding Standard: DCL08-C. Properly encode relationships in constant definitions
C++ Secure Coding Standard: DCL08-CPP. Properly encode relationships in constant definitions
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Bibliography
[[JLS 2005]] Section 4.12.4
DCL02-J. Use meaningful symbolic constants to represent literal values in program logic 03. Declarations and Initialization (DCL) DCL04-J. Do not apply final to public constants whose value might change in the future