
Platform dependencies may be embedded in code to improve performance on a particular platform. This can be a dangerous practice, particularly if these dependencies are not appropriately documented during development and addressed during porting. Often, embedded platform dependencies have no performance or other benefits and should consequently be avoided.

Non-Compliant Coding Example

This non-compliant coding example uses the complement operator in its test for unsigned integer overflow.

unsigned int ui1, ui2, sum;

/* ui1 and ui2 are assigned elsewhere */
if (~ui1 < ui2) {
  /* handle error condition */
}
sum = ui1 + ui2;

This code assumes that the implementation uses two's complement representation. This assumption is commonly true, but it is not guaranteed by the C standard.

This non-compliant code also violates INT14-A. Distinguish bitmaps from numeric types.

Compliant Solution

This compliant solution implements a fully portable test for unsigned overflow.

#include <limits.h>  /* UINT_MAX */

unsigned int ui1, ui2, sum;

/* ui1 and ui2 are assigned elsewhere */
if (UINT_MAX - ui1 < ui2) {
  /* handle error condition */
}
sum = ui1 + ui2;

If the non-compliant form of this test is truly faster, talk to your compiler vendor: if the two tests are equivalent, the compiler should be able to generate the same code for both. If both forms have the same performance, prefer the portable form.
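The portable test above, expressed as reusable checked and saturating addition routines. This is an added example, not code from the original page; the function names are assumptions, and the inputs in main() are constructed.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* True if a + b would exceed UINT_MAX.  The check is written in terms
 * of the type's limit from <limits.h>, not a bit-pattern assumption,
 * and runs before the addition so no wrapped value is ever computed. */
bool uint_add_overflows(unsigned int a, unsigned int b) {
    return UINT_MAX - a < b;
}

/* Checked add: stores a + b in *sum and returns true, or returns false
 * and leaves *sum untouched when the result would not fit. */
bool uint_checked_add(unsigned int a, unsigned int b, unsigned int *sum) {
    if (uint_add_overflows(a, b)) {
        return false;
    }
    *sum = a + b;
    return true;
}

/* Saturating add built on the same test: clamps to UINT_MAX instead of
 * wrapping, a common mitigation for length and size arithmetic. */
unsigned int uint_add_saturate(unsigned int a, unsigned int b) {
    return uint_add_overflows(a, b) ? UINT_MAX : a + b;
}

int main(void) {
    unsigned int sum;
    /* Constructed inputs: one addition that fits, one that would wrap. */
    if (uint_checked_add(UINT_MAX - 1, 1, &sum)) {
        printf("ok: %u\n", sum);
    }
    if (!uint_checked_add(UINT_MAX, 1, &sum)) {
        printf("error: addition would overflow\n");
    }
    printf("saturated: %u\n", uint_add_saturate(UINT_MAX, 5));
    return 0;
}
```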

Risk Assessment

Unused values may indicate significant logic errors, possibly resulting in a denial of service condition.

Recommendation   Severity   Likelihood   Remediation Cost   Priority   Level
MSC14-A          low        unlikely     medium             P2         L3

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References