You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

If a constant value is given for a given identifier, do not diminish the modifiability of the code in which it is used by assuming its value in expressions. Just giving the constant a name is not enough to ensure modifiability; you must be careful always to use the name, and remember that the value could change. This is related to DCL06-A. Use meaningful symbolic constants to represent literal values in program logic.

Non-Compliant Coding Example

This non-compliant coding example defeats the purpose of defining BUFSIZ as a constant by assuming its value in the following expression:

nblocks = nbytes >> 9;  /* hard to modify, uses "magic number" */

The assumption is that "everyone knows that BUFSIZ equals 512," and right-shifting nine bits is the same (for positive numbers) as dividing by 512. However, if BUFSIZ changes to 1024 on some systems, modifications are difficult and error-prone.

Compliant Solution

This compliant solution uses the identifier assigned the constant value in the expression.

nblocks = nbytes / BUFSIZ;

Most modern C compilers will optimize this code appropriately.

Risk Assessment

Improper use of macros may result in unexpected arithmetic results.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

EXP10-A

1 (low)

1 (unlikely)

2 (medium)

P2

L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[[Plum 85]] Rule 1-5
[[ISO/IEC 9899-1999]] Section 6.10, "Preprocessing directives," and Section 5.1.1, "Translation environment"

  • No labels