Classification of PVS-Studio warnings according to the SEI CERT Coding Standard
The SEI CERT Coding Standard is a software coding standard for the programming languages such as C, C++, Java, and Perl, developed by the CERT Coordination Center to improve the safety, reliability, and security of software systems.
PVS-Studio pages on the SEI CERT website: C, C++, Java.
C/C++ warnings
Error Code |
Error Description |
Mapping |
---|---|---|
The '?:' operator may not work as expected. The '?:' operator has a lower priority than the 'foo' operator. |
EXP00-C |
|
Nonsensical comparison: pointer < 0. |
EXP08-C |
|
The 'alloca' function is used inside the loop. This can quickly overflow stack. |
MEM05-C |
|
Pointer to local variable 'X' is stored outside the scope of this variable. Such a pointer will become invalid. |
DCL30-C |
|
Pointer to local array 'X' is stored outside the scope of this array. Such a pointer will become invalid. |
DCL30-C |
|
Exceptions raised inside noexcept functions must be wrapped in a try..catch block. |
DCL57-CPP |
|
The 'Foo' function receives class-type variable as Nth actual argument. This is unexpected behavior. |
FIO47-C |
|
The sizeof() operator returns pointer size instead of array size. |
ARR01-C |
|
Call of the 'Foo' function will lead to buffer overflow. |
ARR01-C, ARR30-C |
|
Use _beginthreadex/_endthreadex functions instead of CreateThread/ExitThread functions. |
MSC24-C |
|
Potential logical error. Size of a pointer is divided by another value. |
ARR01-C |
|
The 'delete' operator is applied to non-pointer. |
MEM51-CPP |
|
Non-null function pointer is compared to null. Consider inspecting the expression. |
EXP16-C |
|
Potential logical error. The 'if (A) {...} else if (A) {...}' pattern was detected. |
MSC01-C |
|
The 'malloc' function allocates suspicious amount of memory calculated by 'strlen(expr)'. Perhaps the correct expression is strlen(expr) + 1. |
STR31-C |
|
The 'x' variable is assigned values twice successively. Perhaps this is a mistake. |
MSC13-C |
|
Comma operator ',' in array index expression. |
EXP08-C |
|
Expressions that use comma operator ',' are dangerous. Make sure the expression is correct. |
EXP10-C, EXP50-CPP |
|
Possible null pointer dereference. |
EXP34-C, MEM52-CPP |
|
The 'zero' value is assigned to pointer. Probably meant: *ptr = zero. |
INT36-C |
|
Pointer is compared with 'zero' value. Probably meant: *ptr != zero. |
INT36-C |
|
Suspicious semicolon ';' after 'if/for/while' operator. |
EXP15-C |
|
Return value of 'Foo' function is required to be used. |
EXP12-C |
|
The sizeof() operator is multiplied by sizeof(). Consider inspecting the expression. |
MEM35-C |
|
Consider inspecting the statement of '*pointer++' pattern. Probably meant: '(*pointer)++'. |
EXP30-C |
|
It is possible that a wrong variable is incremented inside the 'for' operator. Consider inspecting 'X'. |
MSC01-C |
|
It is possible that a wrong variable is compared inside the 'for' operator. Consider inspecting 'X'. |
MSC01-C |
|
The 'X' variable is used for this loop and outer loops. |
MSC01-C |
|
Constant value is represented by an octal form. |
DCL18-C |
|
Iterators are passed as arguments to 'Foo' function. Consider inspecting the expression. |
CTR53-CPP |
|
Member 'x' should point to string terminated by two 0 characters. |
EXP37-C |
|
String is printed into itself. Consider inspecting the expression. |
EXP37-C |
|
Suspicious type cast: 'Type1' to ' Type2'. Consider inspecting the expression. |
INT36-C |
|
The 'Foo(Foo)' class member is initialized with itself. |
EXP53-CPP |
|
TYPE X[][] is not equivalent to TYPE **X. Consider inspecting type casting. |
EXP36-C |
|
The 'first' argument of 'Foo' function is equal to the 'second' argument. |
EXP37-C |
|
Suspicious precise comparison. Consider using a comparison with defined precision: fabs(A - B) < Epsilon or fabs(A - B) > Epsilon. |
FLP02-C |
|
Unreachable code under a 'case' label. |
MSC12-C |
|
Incorrect use of smart pointer. |
MEM51-CPP |
|
Expression of the 'A - B > 0' kind will work as 'A != B'. |
INT02-C |
|
Values of different enum types are compared. |
MSC01-C |
|
Possible array overrun. |
ARR30-C |
|
Function returns pointer/reference to temporary local object. |
DCL30-C |
|
Suspicious assignment inside the conditional expression of 'if/while/for' statement. |
EXP45-C |
|
Consider assigning value to 'foo' variable instead of declaring it anew. |
DCL01-C |
|
Bool type value is compared with value of N. Consider inspecting the expression. |
INT31-C |
|
An 'else' branch may apply to the previous 'if' statement. |
EXP19-C |
|
The '&' or '|' operator is applied to bool type value. Check for missing parentheses or use the '&&' or '||' operator. |
EXP46-C |
|
Empty exception handler. Silent suppression of exceptions can hide errors in source code during testing. |
ERR56-CPP |
|
Integer constant is converted to pointer. Check for an error or bad coding style. |
INT36-C |
|
Modification of variable is unsequenced relative to another operation on the same variable. This may lead to undefined behavior. |
EXP30-C |
|
It is suspicious that the argument of sizeof() operator is the expression. |
ARR01-C, EXP44-C |
|
Truncation of constant value. |
INT31-C |
|
Use of uninitialized variable 'Foo'. The variable was used to initialize itself. |
EXP33-C, EXP53-CPP |
|
Pointer is used both as an array and as a pointer to single object. |
EXP08-C |
|
Function receives suspicious argument. |
EXP37-C |
|
Incorrect format. Consider checking the Nth actual argument of the 'Foo' function. |
DCL11-C, FIO47-C |
|
Label is present inside switch(). Check for typos and consider using the 'default:' operator instead. |
MSC01-C |
|
The 'Foo' function receives the pointer and its size as arguments. This may be a potential error. Inspect the Nth argument. |
ARR01-C |
|
Suspicious explicit type casting. Consider inspecting the expression. |
EXP39-C |
|
Consider reviewing the source code that uses the container. |
ARR30-C |
|
Attempt to release memory that stores the 'Foo' local variable. |
MEM34-C |
|
The 'Foo' function is called twice to deallocate the same resource. |
MEM30-C, MEM50-CPP |
|
Possible excessive expression or typo. Consider inspecting the expression. |
MSC01-C |
|
Non-void function must return value. |
MSC52-CPP |
|
Expression 'A = B == C' is calculated as 'A = (B == C)'. Consider inspecting the expression. |
EXP00-C |
|
Pointer to array is out of array bounds. |
ARR30-C |
|
Pointer was used before its check for nullptr. Check lines: N1, N2. |
EXP34-C |
|
Object was created but is not used. Check for missing 'throw' keyword. |
MSC13-C |
|
Compiler may delete 'memset' function call that is used to clear 'Foo' buffer. Use the RtlSecureZeroMemory() function to erase private data. |
MSC06-C |
|
Memory manipulation function is used to work with a class object containing a virtual table pointer. The result of such an operation may be unexpected. |
EXP62-CPP, OOP57-CPP |
|
The virtual destructor is not present, although the 'Foo' class contains virtual functions. |
OOP52-CPP |
|
The 'Foo' pointer is always not equal to NULL. Consider inspecting the condition. |
EXP08-C |
|
Suspicious implicit type casting. |
INT36-C |
|
Object was created but not used. If you wish to call constructor, use 'this->Foo::Foo(....)'. |
MSC13-C |
|
Number of iterations in loop equals size of a pointer. Consider inspecting the expression. |
ARR01-C |
|
Unsigned value is compared to the NN number. Consider inspecting the expression. |
INT02-C |
|
Ownerless token 'Foo'. |
MSC12-C |
|
Possible division or mod by zero. |
INT33-C |
|
Undefined behavior. Check the shift operator. |
INT34-C |
|
Memory allocation and deallocation methods are incompatible. |
MEM51-CPP |
|
Unconditional 'break/continue/return/goto' within a loop. |
MSC01-C |
|
Suspicious pointer arithmetic with 'malloc/new'. |
EXP08-C |
|
Use of 'Foo' uninitialized variable. |
EXP33-C, EXP53-CPP |
|
Suspicious explicit conversion from 'float *' type to 'double *' type. |
FLP34-C |
|
Dangerous call of 'Foo' function. The passed line may contain format specification. Example of safe code: printf("%s", str); |
FIO30-C |
|
Array is used as pointer to single object. |
EXP08-C |
|
Expression of sizeof(T)*N kind is summed up with pointer to T type. Consider inspecting the expression. |
EXP08-C |
|
Loop may execute incorrectly or may not execute at all. Consider inspecting the 'for' operator. |
MSC21-C |
|
First 'case' operator may be missing. Consider inspecting the 'switch' statement. |
DCL41-C |
|
Temporary object is created and then destroyed. Consider inspecting the '?:' operator. |
DCL30-C |
|
It is possible that a line was commented out improperly, thus altering the program's operation logic. |
EXP19-C |
|
Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. Consider inspecting the expression. |
INT00-C |
|
The 'malloc' function is used to allocate memory for an array of objects that are classes containing constructors/destructors. |
MEM53-CPP |
|
Argument is of the 'T' type. Consider inspecting the NN argument of the 'Foo' function. |
EXP37-C |
|
The '!=' operator should probably be used here. Consider inspecting the expression. |
EXP45-C |
|
Priority of '+' operation is higher than priority of '<<' operation. Consider using parentheses in the expression. |
EXP00-C |
|
Length should be probably multiplied by sizeof(wchar_t). Consider inspecting the expression. |
MEM35-C |
|
Expression was implicitly cast from integer type to real type. Consider using an explicit type cast to avoid overflow or loss of a fractional part. |
FLP06-C |
|
One of closing ')' parentheses is probably positioned incorrectly. Consider inspecting the expression for function call. |
EXP37-C |
|
Code's operational logic does not correspond with its formatting. |
EXP19-C |
|
Buffer size is not a multiple of element size. |
EXP36-C |
|
Function result is saved inside the 'byte' type variable. Significant bits may be lost. This may break the program's logic. |
INT31-C |
|
Suspicious pointer arithmetic. Value of 'char' type is added to a string pointer. |
ARR30-C, EXP08-C |
|
Function call may lead to buffer overflow. Bounds should not contain size of a buffer, but a number of characters it can hold. |
ARR30-C, STR31-C |
|
Value of 'A' type is assigned to a pointer of 'B' type. |
INT36-C |
|
Priority of '&&' operation is higher than priority of '||' operation. |
EXP00-C |
|
Two 'if' statements with identical conditional expressions. The first 'if' statement contains function return. This means that the second 'if' statement is senseless. |
MSC12-C |
|
Type casting is used 2 times in a row. The '+' operation is executed. Probably meant: (T1)((T2)a + b). |
EXP08-C |
|
Value is subtracted from unsigned variable. It can result in an overflow. In such a case, the comparison operation may behave unexpectedly. |
INT30-C |
|
Different containers are used to set up initial and final values of iterator. Consider inspecting the loop expression. |
CTR53-CPP |
|
Pointer is dereferenced on the initialization list before its check for null inside the body of a constructor function. |
EXP34-C |
|
Possible incorrect use of '#pragma warning(default: X)'. The '#pragma warning(push/pop)' should be used instead. |
MSC00-C |
|
Value may not correspond with the length of a string passed with YY argument. Consider inspecting the NNth argument of the 'Foo' function. |
EXP37-C |
|
The 'throw' operator does not have any arguments and is not located within the 'catch' block. |
ERR50-CPP |
|
Possible meaningless check for null, as memory was allocated using 'new' operator. Memory allocation will lead to an exception. |
MEM52-CPP |
|
Uninitialized class member is used to initialize another member. Remember that members are initialized in the order of their declarations inside a class. |
EXP33-C, EXP53-CPP |
|
The 'swap' function may interchange a variable with itself. |
EXP37-C |
|
More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits. |
INT02-C |
|
Expression contains a suspicious mix of integer and real types. |
FLP36-C |
|
Writing into read-only memory. |
ENV30-C, STR30-C |
|
Incorrect comparison of BOOL type variable with TRUE. |
INT31-C |
|
Custom declaration of standard type. Consider using the declaration from system header files instead. |
DCL37-C |
|
The 'X' variable was not initialized. This variable is passed by reference to the 'Foo' function in which its value will be used. |
EXP33-C, EXP53-CPP |
|
The language standard does not define order in which 'Foo' functions are called during evaluation of arguments. |
EXP10-C |
|
Size of array calculated by sizeof() operator was added to a pointer. It is possible that the number of elements should be calculated by sizeof(A)/sizeof(A[0]). |
EXP08-C |
|
The 'foo' local variable has the same name as one of class members. This can result in confusion. |
DCL01-C |
|
Destructor of 'Foo' class is not declared as virtual. A smart pointer may not destroy an object correctly. |
OOP52-CPP |
|
Inappropriate attempt to append a null character to a string. To determine the length of a string by 'strlen' function correctly, use a string ending with a null terminator in the first place. |
STR32-C |
|
The condition (ptr - const_value) is only false if the value of a pointer equals a magic constant. |
ARR30-C |
|
Range intersections are possible within conditional expressions. |
MSC01-C |
|
The 'continue' operator will terminate 'do { ... } while (FALSE)' loop because the condition is always false. |
MSC01-C |
|
Number of elements in the allocated array equals the size of a pointer in bytes. |
ARR01-C |
|
Functions of strcmp() kind can return any values, not only -1, 0, or 1. |
EXP12-C |
|
It is possible that 'foo = bar == baz ? .... : ....' should be used here instead of 'foo = bar = baz ? .... : ....'. Consider inspecting the expression. |
EXP45-C |
|
Possible realloc() leak: when realloc() fails to allocate memory, original pointer is lost. Consider assigning realloc() to a temporary pointer. |
MEM51-CPP, WIN30-C |
|
It is suspicious that the 'foo' field in derived class overwrites field in base class. |
DCL01-C |
|
It is possible that 'else' block was forgotten or commented out, thus altering the program's operation logics. |
EXP19-C |
|
Dangerous construction is used: 'm[x] = m.size()', where 'm' is of 'T' class. This may lead to undefined behavior. |
EXP50-CPP |
|
Suspicious comparison found: 'a == b == c'. Remember that 'a == b == c' is not equal to 'a == b && b == c'. |
EXP13-C |
|
It is dangerous to create a local variable within a loop with a same name as a variable controlling this loop. |
DCL01-C |
|
Compiler may optimize out this loop or make it infinite. Use volatile variable(s) or synchronization primitives to avoid this. |
MSC06-C |
|
Pointer was used in the logical expression before its check for nullptr in the same logical expression. |
EXP34-C |
|
Variable is not passed into foreach loop by reference, but its value is changed inside of the loop. |
MSC13-C |
|
The 'while' operator has empty body. This pattern is suspicious. |
EXP15-C |
|
Suspicious type conversion: HRESULT -> BOOL (BOOL -> HRESULT). |
INT31-C |
|
The switch statement does not cover all values of the enum. |
MSC01-C |
|
The VARIANT_BOOL type is used incorrectly. The true value (VARIANT_TRUE) is defined as -1. |
INT31-C |
|
Abnormality within similar comparisons. It is possible that a typo is present inside the expression. |
MSC01-C |
|
Function returns a pointer to the internal string buffer of a local object, which will be destroyed. |
DCL30-C |
|
Converting integers or pointers to BOOL can lead to a loss of high-order bits. Non-zero value can become 'FALSE'. |
INT31-C |
|
Attempt to free memory containing the 'int A[10]' array by using the 'free(A)' function. |
MEM34-C |
|
Return value of 'wcslen' function is not multiplied by 'sizeof(wchar_t)'. |
STR31-C |
|
Not all members of a class are initialized inside the constructor. |
EXP53-CPP |
|
Unary minus operator does not modify a bool type value. |
INT31-C |
|
It is possible that macro expansion resulted in incorrect evaluation order. |
PRE01-C |
|
The behavior is undefined for arithmetic or comparisons with pointers that do not point to members of the same array. |
ARR36-C |
|
Temporary anonymous object is used. |
DCL30-C |
|
EOF should not be compared with a value of the 'char' type. Consider using the 'int' type. |
INT31-C |
|
Function receives an address of a 'char' type variable instead of pointer to a buffer. |
EXP37-C |
|
The memory areas must not overlap. Use 'memmove' function. |
EXP37-C |
|
Temporary object is immediately destroyed after being created. Consider naming the object. |
MSC13-C |
|
Object slicing. An exception should be caught by reference rather than by value. |
ERR61-CPP |
|
Suspicious expression inside parentheses. A function name may be missing. |
MSC01-C |
|
Memory for 'getline' function should be allocated only by 'malloc' or 'realloc' functions. Consider inspecting the first parameter of 'getline' function. |
MEM51-CPP |
|
Destructor of the object will be invoked a second time after leaving the object's scope. |
MEM53-CPP |
|
Parameter is not used inside function's body. |
MSC13-C |
|
Creating an object with placement new requires a buffer of large size. |
MEM54-CPP |
|
Copying from potentially tainted data source. Buffer overflow is possible. |
STR31-C |
|
It is possible that an incorrect variable is compared with null after type conversion using 'dynamic_cast'. |
EXP12-C |
|
Reference was invalidated because of destruction of the temporary object returned by the function. |
EXP54-CPP |
|
Violated order of exception handlers. Exception caught by handler for base class. |
ERR54-CPP |
|
Parameter is always rewritten in function body before being used. |
MSC13-C |
|
Possible incorrect order of arguments passed to function. |
EXP37-C |
|
The pointer in the expression equals nullptr. The resulting value is meaningless and should not be used. |
EXP08-C |
|
Calling the 'delete' operator for a void pointer will cause undefined behavior. |
MSC15-C |
|
Function exited without releasing the pointer/handle. A memory/resource leak is possible. |
MEM31-C, MEM51-CPP |
|
Pointer was used after the memory was released. |
MEM30-C, MEM50-CPP |
|
Dangerous widening type conversion from an array of derived-class objects to a base-class pointer. |
CTR56-CPP |
|
Unreachable code was detected. It is possible that an error is present. |
MSC12-C |
|
The object of non-passive (non-PDS) type cannot be used with the function. |
EXP62-CPP, OOP57-CPP |
|
Value of a variable is checked after it is used. Possible error in program's logic. Check lines: N1, N2. |
API00-C, CTR50-CPP, MEM35-C |
|
It is pointless to compute the distance between the elements of different arrays. |
ARR36-C |
|
Possible dereference of invalid iterator 'X'. |
CTR51-CPP |
|
The size of the bit mask is less than the size of the first operand. This will cause the loss of the higher bits. |
INT31-C |
|
Constant expression in switch statement. |
MSC01-C |
|
Assigning the value C to the X variable looks suspicious. The value range of the variable: [A, B]. |
MSC01-C |
|
Review captured variable in lambda expression. |
EXP53-CPP |
|
Iterators for the container, used in the range-based for loop, become invalid upon a function call. |
CTR53-CPP |
|
It is suspicious that the result of the statement is a part of the condition. Perhaps, this statement should have been compared with something else. |
INT31-C |
|
A 'break' statement is probably missing in a 'switch' statement. |
MSC17-C |
|
The function is used as if it returned a bool type. The return value of the function should probably be compared with std::string::npos. |
EXP12-C |
|
The size of the dynamic array can be less than the number of elements in the initializer. |
ARR02-C |
|
It is more efficient to catch exception by reference rather than by value. |
ERR61-CPP |
|
The variable can be constructed in a lower level scope. |
DCL19-C |
|
Variable is assigned but not used by the end of the function. |
MSC13-C |
|
Pointer was used unsafely after its check for nullptr. |
EXP08-C, EXP34-C, EXP37-C |
|
Several shared_ptr objects are initialized by the same pointer. A double memory deallocation will occur. |
MEM56-CPP |
|
Value from the uninitialized optional is used. It may be an error. |
EXP53-CPP |
|
The expression is always false. Overflow check is incorrect. |
INT30-C |
|
Structures with members of real type are compared byte-wise. |
FLP37-C |
|
Suspicious simultaneous use of bitwise and logical operators. |
EXP46-C |
|
The value is out of range of enum values. This causes unspecified or undefined behavior. |
INT50-CPP |
|
Compound assignment expression is used inside condition. |
INT31-C |
|
A pointer without owner is added to the container by the 'emplace_back' method. A memory leak will occur in case of an exception. |
ERR56-CPP |
|
Potential use of invalid data. The stream is checked for EOF before reading from it but is not checked after reading. |
FIO40-C |
|
The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow. |
INT32-C |
|
Possible overflow. Consider casting operands, not the result. |
INT30-C |
|
Numeric Truncation Error. Return value of function is written to N-bit variable. |
INT31-C |
|
Variable is used after it is moved. |
EXP63-CPP |
|
Function is not declared. The passing of data to or from this function may be affected. |
DCL31-C |
|
Pointer is cast to a more strictly aligned pointer type. |
EXP36-C |
|
Do not use real-type variables as loop counters. |
FLP30-C |
|
Only values returned from fgetpos() can be used as arguments to fsetpos(). |
FIO44-C |
|
Class member is initialized with dangling reference. |
EXP54-CPP |
|
The DllMain function throws an exception. Consider wrapping the throw operator in a try..catch block. |
DCL57-CPP |
|
Unsafe usage of the 'bool' and integer types together in the operation '&='. |
INT31-C |
|
Lifetime of the lambda is greater than lifetime of the local variable captured by reference. |
EXP61-CPP |
|
Uninitialized class member is used when initializing the base class. |
EXP33-C, EXP53-CPP |
|
Calling the 'foo' virtual function in the constructor/destructor may lead to unexpected result at runtime. |
OOP50-CPP |
|
Object slicing. Derived class object was copied to the base class object. |
OOP51-CPP |
|
Pseudo random sequence is the same at every program run. Consider assigning the seed to a value not known at compile-time. |
MSC51-CPP |
|
Nonsensical comparison of two different functions' addresses. |
EXP16-C |
|
Macro name overrides a keyword/reserved name. This may lead to undefined behavior. |
DCL51-CPP |
|
Extending 'std' or 'posix' namespace may result in undefined behavior. |
DCL58-CPP |
|
The 'SysFreeString' function should be called only for objects of the 'BSTR' type. |
MEM51-CPP |
|
Do not define an unnamed namespace in a header file. |
DCL59-CPP |
|
Signed value is converted to an unsigned one with subsequent expansion to a larger type in ternary operator. |
INT32-C |
|
Buffer needs to be securely cleared on all execution paths. |
MEM03-C |
|
Argument of abs() function is minimal negative value. Such absolute value can't be represented in two's complement. This leads to undefined behavior. |
INT32-C |
|
Function marked as 'noreturn' may return control. This will result in undefined behavior. |
MSC53-CPP |
|
Signed integer overflow in arithmetic expression. This leads to undefined behavior. |
INT32-C |
|
The expression is always true/false. The value is out of range of enum values. |
EXP62-CPP |
|
Negative value is implicitly converted to unsigned integer type in arithmetic expression. |
INT32-C |
|
Call of the 'Foo' function will lead to buffer underflow. |
ARR01-C, ARR30-C |
|
No objects are passed to the 'std::scoped_lock' constructor. No locking will be performed. This can cause concurrency issues. |
CON43-C |
|
The pointer is cast to an integer type of a larger size. Casting pointer to a type of a larger size is an implementation-defined behavior. |
INT36-C |
|
Using the function of uninitialized derived class while initializing the base class will lead to undefined behavior. |
EXP54-CPP |
|
The values of padding bytes are unspecified. Comparing objects with padding using 'memcmp' may lead to unexpected result. |
EXP42-C |
|
Priority of the 'M' operator is higher than that of the 'N' operator. Possible missing parentheses. |
EXP00-C |
|
Consider using the extended version of the 'foo' function here. |
MSC24-C |
|
Consider using the 'Ptr' version of the 'foo' function here. |
MSC24-C |
|
Explicit conversion from 'float/double' type to signed integer type. |
FLP34-C |
|
Explicit conversion from 'float/double' type to unsigned integer type. |
FLP34-C |
|
Don't use terminating functions in library code. |
ERR50-CPP |
|
An identifier declared in an inner scope should not hide an identifier in an outer scope. |
DCL01-C |
|
OWASP. An empty exception handler. Silent suppression of exceptions can hide the presence of bugs in source code during testing. |
ERR56-CPP |
|
OWASP. The object was created but it is not being used. The 'throw' keyword could be missing. |
MSC13-C |
|
OWASP. Consider inspecting the expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. |
INT00-C |
|
OWASP. A value is being subtracted from the unsigned variable. This can result in an overflow. In such a case, the comparison operation can potentially behave unexpectedly. |
INT30-C |
|
OWASP. More than N bits are required to store the value, but the expression evaluates to the T type which can only hold K bits. |
INT02-C |
|
OWASP. The variable is incremented in the loop. Undefined behavior will occur in case of signed integer overflow. |
INT32-C |
|
OWASP. Possible overflow. Consider casting operands, not the result. |
INT30-C |
Java warnings
Error Code |
Error Description |
Mapping |
---|---|---|
OWASP. An exception handling block does not contain any code. |
ERR00-J |
|
OWASP. Unsafe double-checked locking. |
LCK10-J |
|
The switch statement does not cover all values of the enum. |
MSC57-J |
|
The use of 'if (A) {...} else if (A) {...}' pattern was detected. There is a probability of logical error presence. |
MSC57-J |
|
The 'x' variable is assigned to itself. |
MSC56-J |
|
Expression is always true/false. |
MSC57-J |
|
Potential null dereference. |
EXP01-J |
|
The return value of function 'Foo' is required to be utilized. |
EXP00-J |
|
The expression contains a suspicious mix of integer and real types. |
NUM13-J |
|
Comparison of arrays, strings, collections by reference. Possibly an equality comparison was intended. |
EXP03-J |
|
Constant expression in switch statement. |
MSC57-J |
|
Division or mod division by zero. |
NUM02-J |
|
The value is assigned to the 'x' variable but is not used. |
MSC56-J |
|
Parameter is not used inside method's body. |
MSC56-J |
|
This value is already assigned to the 'b' variable. |
MSC56-J |
|
The variable 'X' is being used for this loop and for the outer loop. |
MSC57-J |
|
Shift by N bits is inconsistent with the size of type. |
NUM14-J |
|
An unconditional 'break/continue/return/goto' within a loop. |
MSC57-J |
|
Comparison with 'double.NaN' is meaningless. Use 'double.isNaN()' method instead. |
NUM07-J |
|
There are two 'if' statements with identical conditional expressions. The first 'if' statement contains method return. This means that the second 'if' statement is senseless. |
MSC56-J |
|
Suspicious assignment inside the conditional expression of 'if/while/do...while' statement. |
EXP51-J |
|
Postfix increment/decrement is senseless because this variable is overwritten. |
EXP05-J |
|
Classes that define 'equals' method must also define 'hashCode' method. |
MET09-J |
|
Class initialization cycle is present. |
DCL00-J |
|
Use of jump statements in 'finally' block can lead to the loss of unhandled exceptions. |
ERR04-J |
|
Calling an overridden method in parent-class constructor may lead to use of uninitialized data. |
MET05-J |
|
Collection is modified while iteration is in progress. ConcurrentModificationException may occur. |
MSC06-J |
|
Classes should not be compared by their name. |
OBJ09-J |
|
Expression inside assert statement can change object's state. |
EXP06-J |
|
Consider inspecting this expression. The expression is excessive or contains a misprint. |
MSC57-J |
|
The used constant value is represented by an octal form. |
DCL50-J |
|
Odd semicolon ';' after 'if/for/while' operator. |
MSC51-J |
|
Suspicious invocation of Thread.run(). |
THI00-J |
|
Passing objects of incompatible types to the method of collection. |
EXP04-J |
|
Suspicious use of BigDecimal class. |
NUM10-J |
|
Unsafe synchronization on an object. |
LCK01-J |
|
It is not recommended to return null or throw exceptions from 'toString' / 'clone' methods. |
EXP01-J |
|
Non-atomic modification of volatile variable. |
VNA02-J |
|
The signature of method 'X' does not conform to serialization requirements. |
SER01-J |
|
A suspicious label is present inside a switch(). It is possible that these are misprints and 'default:' label should be used instead. |
MSC57-J |
|
Unsafe double-checked locking. |
LCK10-J |
|
It's possible that the line was commented out improperly, thus altering the program's operation logics. |
EXP52-J |
|
Automatic unboxing of a variable may cause NullPointerException. |
EXP01-J |
|
Thread.sleep() inside synchronized block/method may cause decreased performance. |
LCK09-J |
|
Lowercase 'L' at the end of a long literal can be mistaken for '1'. |
DCL50-J |
|
compareTo()-like methods can return not only the values -1, 0 and 1, but any values. |
EXP00-J |
|
Do not use real-type variables in 'for' loop counters. |
NUM09-J |