You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

The presence of unused variables may indicate significant logic errors. To prevent such errors, unused values should be identified and removed from code.

Noncompliant Code Example

This noncompliant code example contains a variable $new_name that is initialized but never subsequently read.

sub fix_name {
  my $name = shift;
  my $new_name = $name;

  $name =~ s/^([a-z])/\U$1\E/g;
  $name =~ s/ ([a-z])/ \U$1\E/g;
  return $name;
}

Compliant Solution

This compliant solution eliminates the unused variable

sub fix_name {
  my $name = shift;

  $name =~ s/^([a-z])/\U$1\E/g;
  $name =~ s/ ([a-z])/ \U$1\E/g;
  return $name;
}

Risk Assessment

The presence of unused variables may indicate logic errors that can lead to unintended program behavior. As a result, resolving unused variables can be an in-depth process requiring significant analysis.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

MSC01-PL

low

unlikely

high

P1

L1

Related Guidelines

CERT C Secure Coding Standard: MSC13-C. Detect and remove unused values

CERT C++ Secure Coding Standard: MSC13-CPP. Detect and remove unused values

Automated Detection

Tool

Diagnostic

Perl::Critic

Variables::ProhibitUnusedVariables

Bibliography

[CPAN] Elliot Shank, Perl-Critic-1.116 Variables::ProhibitUnusedVariables


  • No labels