JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

CodeSonar® 9.2p0 CONFIDENTIAL CodeSecure Inc
C and C++
Binaries

LANG.STRUCT.LOOP.HR : High Risk Loop

Summary

A loop writes through a pointer that is subjected to arithmetic within the same loop.

Such a loop is not necessarily problematic unless the arithmetic causes the pointer to move outside the boundaries of the allocated object it is operating on and subsequently writes through it, but it is potentially suspicious.

In general CodeSonar will issue a warning of the appropriate class [*] if the dangerous write actually occurs. However, the analysis may sometimes miss the resulting overrun/underrun. For example, if the SEARCH_BOUND is reached before the path containing the dangerous write can be explored, no warning will be issued. The High Risk Loop check is very conservative and so may identify loops containing overruns or underruns that have not themselves triggered warnings.

Categories

Properties

Class Name High Risk Loop
Significance style
Mnemonic LANG.STRUCT.LOOP.HR
Categories
CWE CWE:119 Improper Restriction of Operations within the Bounds of a Memory Buffer
CERT-C CERT-C:MSC21-C Use robust loop termination conditions
Availability Available for C and C++.
Enabling Checks for this warning class are disabled by default. To enable them, add the following WARNING_FILTER rule to the project configuration file. 
WARNING_FILTER += allow class="High Risk Loop"

Examples 

/* Example 1: loop does not write outside an object */
void lang_struct_loop_hr_1(void){
    char buf[10];
    char *p;

    p = buf;
    while (p < buf+10){ /* 'High Risk Loop' warning issued here */
      *p++ = 'a';             /* p is incremented after it is written through, so no overflow here */
    }
    /* If the function wrote through p here after exiting the loop,
     * that would overflow buf.
     */
}

/* Example 2: loop writes outside buf */
void lang_struct_loop_hr_2(void){
    char buf[10];
    char *p;

    p = buf;
    while (p < buf+10){ /* 'High Risk Loop' warning issued here */
        *++p = 'a';     /* 'Buffer Overrun' warning issued here
                         * - p is incremented before it is written through
                         */
    }
}

Relevant Configuration File Parameters

The following configuration file parameters affect checks for this warning class.

[*] Buffer Overrun, Buffer Underrun , Type Overrun, or Type Underrun, depending on the object being written and the arithmetic the pointer has undergone.

 

To report problems with this documentation, please visit https://support.codesecure.com/.