2791 Definite: Right hand operand of shift operator is negative or too large.
移位操作过大或者是负数
void f1(unsigned long ul, int si) { if (si > 40) { ul = ul << si; /* 2791 */ } } void f2(unsigned long ul, int si) { if (si < 0) { ul = ul << si; /* 2791 */ } }
2845 Constant: Maximum number of characters to be written is larger than the target buffer size.
#include <string.h> extern char a[10]; extern char b[11]; void foo (void) { strncpy (a, b, sizeof (b)); /* 2845 */ }
字符数组 a 溢出了
2871 Infinite loop identified 无限循环
void f1(void) { int i; int n = 5; for (i = 0; i < n; ) /* 2871 */ { } } void f2(int n) { while (n <= 10) /* 2872 */ { } }
2877 This loop will never be executed more than once.循环不会被执行超过一次
This loop will only be executed once and so the loop mechanism is redundant. Has there been a mistake ?
void foo(void) { int i; for (i = 0; i < 1; ++i) /* 2877 */ { } i = 10; while (i <= 10) /* 2877 */ { ++i; } }
| 7.4 Advisory Dir-4.6 | typedefs that indicate size and signedness should be used in place of the basic numerical types |
| Amplification |
The basic numerical types of char, short, int, long, long long (C99), float, double and long double (C99) should not be used, but specific-length typedefs should be used.
For C99, the types provided by <stdint.h> should be used. For C90, equivalent types should be defined and used.
A type must not be defined with a specific length unless the implemented type is actually of that length.
It is not necessary to use typedefs in the declaration of bit-fields.
For example, on a 32-bit C90 implementation the following definitions might be suitable:
typedef signed char int8_t; typedef signed short int16_t; typedef signed int int32_t; typedef signed long int64_t; typedef unsigned char uint8_t; typedef unsigned short uint16_t; typedef unsigned int uint32_t; typedef unsigned long uint64_t; typedef float float32_t; typedef double float64_t; typedef long double float128_t;
例外
| Exception |
- The basic numerical types may be used in a typedef to define a specific-length type.
- For function "main" an int may be used rather than the typedefs as a return type. Therefore int main (void) is permitted.
- For function "main" an int may be used rather than the typedefs for the input parameter argc.
- For function "main" a char may be used rather than the typedefs for the input parameter argv.
Therefore int main( int argc, char *argv[] ) is permitted (C99 Section 5.1.2.2.1).
| Implemented by QAC messages: |
| 5209 | Use of basic type '%s'. |
3453 使用函数替代类似函数的宏,宏没有类型检查
#define M1(a, b, c) ((a) + (b) + (c)) /* Message 3453 */ #define M6(A,B) ((A)[1] + (B)[2]) /* Message 3453 */
This macro appears to be in the form of an expression and could therefore, perhaps, be replaced with a function. It is not always practical or convenient to replace function-like macros with functions; but functions are generally safer than macros because type-checking can be enforced on arguments.
Message 3453 is generated for a function-like macro which ...
- has at least one parameter
- does not contain a # or a ## operator
- does not contain { } ; or any keywords (other than type specifiers or type qualifiers)
0883 包含文件代码未受到保护以防止重复包含
#ifndef HFILEX_H #define HFILEX_H ... ... #endif